[clue-tech] Protecting against the ssh hack
Angelo Bertolli
angelo at freeshell.org
Mon Sep 25 20:18:40 MDT 2006
Jack Parker wrote:
> Despite not advertising my domain name, despite hiding behind a dyndns
> router, I see that someone has been attacking my box against the ssh port
> (the only one which is open).
>
> Two things I'd like to do, one is install sshdfilter - I don't see a lot of
> commentary 'out there' on it - any thoughts from here?
>
> The second is restrict root login to the console only, I've done this in the
> telnet world, but don't remember it. Any pointers?
>
I just use something like the following with iptables
http://quantumlinux.com/pipermail/taclug-general/2005-July/014181.html
Even if they're patient enough to keep trying, I'll see the log before
they get around to it. Unless maybe if one of the users creates a dumb
password. Which is why I only trust my users up to a certain extent.
Angelo
More information about the clue-tech
mailing list