-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VeeJay wrote: > Thanks Reko.... > > Just couple of more questions... > > > On 1/12/07, Reko Turja <[EMAIL PROTECTED]> wrote: >> >> From: "VeeJay" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]>; "FreeBSD-Questions" >> <freebsd-questions@freebsd.org> >> Sent: Friday, January 12, 2007 11:43 PM >> Subject: Please Help! How to STOP them... >> >> >> >I am reading many hundred lines similar to below mentioned? >> > >> > Could you please advise me what to do and how can I make my box more >> > secure? >> > >> > Jan 9 17:54:42 localhost sshd[5130]: reverse mapping checking >> > getaddrinfo >> > for bbs-83-179.189.218.on-nets.com [218.189.179.83] failed - >> > POSSIBLE >> > BREAK-IN ATTEMPT! >> > Jan 9 17:54:42 localhost sshd[5130]: Invalid user sysadmin from >> > 218.189.179.83 >> >> It's basically just script kiddies trying to get in using some ready >> made user/password pairs. >> >> Lots of info covering this has been posted in these newsgroups >> previously, but some things you might consider >> >> Moving your sshd port somewhere else than 22 - the prepackaged >> "cracking" programs don't scan ports, just blindly try out the default >> port - with determined/skilled attacker it's different matter entirely >> though. > > > How to change the port from 22 to something other and in what range > should I > choose a number? > > > Use some kind of portblocker (lots in ports tree) which closes the >> port after predetermined number of attempts - or as an alternative, >> use PF to close the port for IP's in question after predetermined >> number of connection attempts in given time. > > > Can you suggest such port which I should install to block these attempts? > > Use key based authentication and stop using passwords altogether. > > > What do you mean here? > > Remember to keep ssh1 disabled as well as direct root access into ssh >> from the ssh config file. > > > How to disable SSH1 and How to stop direct root access into ssh, where to > change? > > -Reko
Read man sshd_config. - -Garrett -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.1 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFqA4GEnKyINQw/HARAvRYAJ9f84lZRiAGAU66CtsvaSaKjvgHBwCfYnHY kQ04KF5kowf+AdX6SGF2Uic= =S546 -----END PGP SIGNATURE----- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
