Agreed with your settings, and adding a Port setting of other than
the default port 22 eliminates the log bloat from script kiddies.
Ted Roche
Ted Roche Associates, LLC
http://www.tedroche.com
On Dec 18, 2005, at 8:48 PM, Bill McGonigle wrote:
On Dec 18, 2005, at 14:46, Bill Sconce wrote:
On 12/18/05, Brian Chabot [EMAIL PROTECTED] wrote:
Bill McGonigle wrote: I sleep better at night knowing my servers have these lines in them: Protocol 2 PermitRootLogin no IgnoreRhosts yes PasswordAuthentication no AllowUsers ...
I like to add in:MaxAuthTries 6UsePrivilegeSeparation yesAllowUsers
On Mon, 2005-12-19 at 09:04 -0500, Tom Buskey wrote:
I've started running something called DenyHosts. If I get N failed
logins from an IP address, it gets added to /etc/hosts.deny and my
sshd never sees that IP again. It's worth checking out. All
automated w/ email alerts, expiration of
I figgered I was hardly the first one.:)
Seriously, it does make me feel better. The first thing I did was move sshd
off of port 22. So that much is evidently a Good Thing Everywhere. Thanks!
I can't restrict IP addresses. My need is precisely that I myself, as well
as my co-developers,
For flexible SSH access, you can also have a world-acessible but
passworded webpage with a form that adds your IP to the allowed list
(iptables is easy to use this way.)
--Drew
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bill Sconce wrote:
|...
|I'll check into DenyHosts. And each of the other tips. Thank you all.
|And perhaps because of this list someone else will be saved the whole
hassle.
Beware of DenyHosts... A long, long time ago, at an ISP very far away,
I
On 12/19/05, Bruce Dawson [EMAIL PROTECTED] wrote:
I wish there was something like RBL that listed bogons so I could
block them. A lot of attacks lately have been coming from them.
http://www.cymru.com/Bogons/
I'm not sure those are the bogons you are looking for, though.
-- Ben Jedi mind
On 12/19/05, Bruce Dawson [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-Hash: SHA1Bill Sconce wrote:|...|I'll check into DenyHosts. And each of the other tips. Thank you all.|And perhaps because of this list someone else will be saved the whole
hassle.Beware of DenyHosts... A long,
Ben Scott wrote:
On 12/19/05, Bruce Dawson [EMAIL PROTECTED] wrote:
I wish there was something like RBL that listed bogons so I could
block them. A lot of attacks lately have been coming from them.
http://www.cymru.com/Bogons/
I'm not sure those are the bogons you are looking for,
On 12/19/05, Bruce Dawson [EMAIL PROTECTED] wrote:
But I guess a better place to stop them would be in tcpwrappers or eventhe firewall, but I haven't figured out a way to wedge something likeRBL into tcpwrappers or iptables/ipchains. Any ideas?
DenyHosts and sshblack poll (tail -f?) logfiles.
On Mon, Dec 19, 2005 at 01:21:12PM -0500, Bruce Dawson wrote:
Ben Scott wrote:
On 12/19/05, Bruce Dawson [EMAIL PROTECTED] wrote:
I wish there was something like RBL that listed bogons so I could
block them. A lot of attacks lately have been coming from them.
Bruce Dawson writes:
But I guess a better place to stop them would be in tcpwrappers or
even the firewall, but I haven't figured out a way to wedge something
like RBL into tcpwrappers or iptables/ipchains. Any ideas?
Not entirely what you are looking for, but I find the following
iptables
On 12/19/05, Tom Buskey [EMAIL PROTECTED] wrote:
Also, you need to beware of ISPs who use proxy servers - like AOL,
Yahoo, PowerNet, ... Blocking one of those can block a lot of
legitimate users.
Proxy ssh servers? I can't imagine too many ISPs proxying ssh.
Proxy IP servers. They don't
On Wed, 14 Dec 2005 19:57:45 -0500
Ben Scott [EMAIL PROTECTED] wrote:
...the fact
that a great many of the world's computers are not, in fact, under the
control of the nominal owner of said computer. (Spyware, adware,
viruses, Trojans, zombies, etc., etc., ad infinitum, ad naseum)
By
Bill Sconce wrote:
On Wed, 14 Dec 2005 19:57:45 -0500 Ben Scott [EMAIL PROTECTED]
wrote:
...the fact that a great many of the world's computers are not, in
fact, under the control of the nominal owner of said computer.
By coincidence, almost as Ben was writing this my firewall machine
On Dec 18, 2005, at 14:46, Bill Sconce wrote:
It didn't succeed, so far as I've
been able to tell)...
I sleep better at night knowing my servers have these lines in them:
Protocol 2
PermitRootLogin no
IgnoreRhosts yes
PasswordAuthentication no
AllowUsers ...
These settings aren't right for
Bill McGonigle wrote:
I sleep better at night knowing my servers have these lines in them:
Protocol 2
PermitRootLogin no
IgnoreRhosts yes
PasswordAuthentication no
AllowUsers ...
I like to add in:
MaxAuthTries 6
UsePrivilegeSeparation yes
AllowUsers can be a pain if your user bas
Brian Chabot wrote:
Bill McGonigle wrote:
I sleep better at night knowing my servers have these lines in
them:
Protocol 2
PermitRootLogin no
IgnoreRhosts yes
PasswordAuthentication no
AllowUsers ...
I like to add in:
MaxAuthTries 6 UsePrivilegeSeparation yes
AllowUsers can be a
18 matches
Mail list logo