Re: How should I react to break in attempts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: How should I react to break in attempts
From: Pedro Fernandes Macedo <webmaster@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 08 Apr 2005 11:35:28 -0300
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)

Arthur Pemberton wrote:

I'm gettign mail from logwatch as to the following:
root (en201247.uac63.hknet.com): 3 Time(s)
What's my best plan of action to respond to such? Yes I root logins via sshd disabled.

Thanks for the advice.

Do you have a firewall on that machine? If you have , simply make a rule blocking ssh access just to a few machines, specially if the machine in question is a server... I used to so something like that on the servers I managed. To access the servers using SSH , you had to be in one machine that was on the admin subnet.

--
Pedro Macedo

References:
- How should I react to break in attempts
  - From: Arthur Pemberton

Prev by Date: Re: When are KDE and KFCE getting updated in FC?
Next by Date: Re: sony clie sync
Previous by thread: How should I react to break in attempts
Next by thread: Re: How should I react to break in attempts
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]