Re: Questions concerning Security Log

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 08 April 2005 03:36, Dotan Cohen wrote:

>  I see that the attacker is comming from multiple IP's. Although I
>  currently do not ssh into this comupter, I would like to leave that
>  option open. Acually, I would like to set that up as soon as possible.
>  What should I block if I am being attacked by several IP's, but I do
>  not want to block ssh altogether?

I would say move to another port other then 22 as others have suggested.  No 
one will know except you and they won't hammer your system.


Some please correct me if I am wrong!!  Here is what I am planning in the 
future.

I don't have SSH up on my system yet as I have not had enough time to look 
into this yet, but this is what I am thinking.

I want to use double authentication when I put SSH live and here is how I want 
to do this (should anyone know of a web page that layers this out I would be 
thankful).

I would like to use trusted keys, I know some people don't like this but my 
thought is that if the keys don't match the connection is dropped thus not 
even allowing the person to attempt to log in using a user name and password.

Then after the key is correctly identified I still would like for the user to 
log in as they would normally do.  This would be how I would like double 
authnetication to work.


- -- 

Regards
Robert

Smile... it increases your face value!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCWGeb0xJrO8dQYHgRAqOkAKCDZPdyf3+/hPW+bOIffaBBFQERDACfXR0T
Ws5K1y1K3yMO8/ovzvwtI/o=
=Gp8f
-----END PGP SIGNATURE-----


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux