More and more each day I am seeing my root emails contain hundreds of entries
like this:
May 8 02:23:35 warpstone sshd[26092]: Failed password for root from
222.185.245.208 port 50519 ssh2
May 8 16:37:41 warpstone ftpd[34713]: FTP LOGIN FAILED FROM 211.44.250.152,
Administrator
check the list archives.
this subject has been beat to death many times already
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of M. Goodell
Sent: Tuesday, May 09, 2006 10:54 AM
To: FreeBSD Questions
Subject: System Intrustion Detection
More and more each
Hi,
I would suggest using ssh with RSA key pairs and passphrases only. Dont
allow password based login or root login over ssh. Only allow root to
login using the console and use sudo for all admin tasks.
I have not tried this myself but you could use tcpwrappers and write a
script to add the
On Tue, May 09, 2006 at 07:54:03AM -0700, M. Goodell wrote:
More and more each day I am seeing my root emails contain hundreds of entries
like this:
May 8 02:23:35 warpstone sshd[26092]: Failed password for root from
222.185.245.208 port 50519 ssh2
May 8 16:37:41 warpstone
M,
There are several choices you can make to deal with this.
First, be sure your root password is 'strong'. Generally 'strong' means
that it is a combination of upper case, lower case, and numbers with a
decent lenght. I personally go with at least 12 characters and throw in
some punctuation as
In the last episode (May 09), [EMAIL PROTECTED] said:
I would suggest using ssh with RSA key pairs and passphrases only.
Dont allow password based login or root login over ssh. Only allow
root to login using the console and use sudo for all admin tasks.
I have not tried this myself but you