[clue-tech] Protecting against the ssh hack
Jack Parker
jack.parker4 at verizon.net
Mon Sep 25 20:42:43 MDT 2006
This sounds like what sshdfilter is doing - except perhaps more formally.
http://www.csc.liv.ac.uk/~greg/sshdfilter/
I don't typically monitor the log (only of late because I've been poking).
(bad smeagol)
j.
-----Original Message-----
From: clue-tech-bounces at cluedenver.org
[mailto:clue-tech-bounces at cluedenver.org]On Behalf Of Angelo Bertolli
Sent: Monday, September 25, 2006 10:19 PM
To: CLUE tech
Subject: Re: [clue-tech] Protecting against the ssh hack
Jack Parker wrote:
> Despite not advertising my domain name, despite hiding behind a dyndns
> router, I see that someone has been attacking my box against the ssh port
> (the only one which is open).
>
> Two things I'd like to do, one is install sshdfilter - I don't see a lot
of
> commentary 'out there' on it - any thoughts from here?
>
> The second is restrict root login to the console only, I've done this in
the
> telnet world, but don't remember it. Any pointers?
>
I just use something like the following with iptables
http://quantumlinux.com/pipermail/taclug-general/2005-July/014181.html
Even if they're patient enough to keep trying, I'll see the log before
they get around to it. Unless maybe if one of the users creates a dumb
password. Which is why I only trust my users up to a certain extent.
Angelo
_______________________________________________
clue-tech mailing list
clue-tech at cluedenver.org
http://www.cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list