Re: hack attempt on my server...What do you do about this?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2004-07-17 at 15:40, Jonathan T. Steadman wrote:
> Sorry this is yet another lame question, but I am new to hosting web
> server ect. just kinda experimenting actually found in my logs i came
> across some garbage (its at the bottom of this email) what do you do
> about this?  Just let it be? inform ISP?  wait and see if it is more
> continuous?  dont know the proper thing to do i guess just making sure
> with you guys.
> 
The first line of defense is usually an IPTables firewall. To help you
get started, you might consider downloading webmin which creates a nice
browser-based interface to configuration. Yes, others will suggest that
this stifles the learning curve but protecting the machine is more
important IMO.

As a general rule of thumb, close of every port except those that you
absolutely need. In this case, do you really need external ssh access?

In general just set the default input policy to Drop and then create
rules for ports that you want access to. The last line is usually a LOG
entry so that you get a print of what you are rejecting. Our small 
network rejects about 3,000 connections per hour.

Once you get that done, you might want to take a look at a package
called psad which creates alerts.



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux