Re: How should I react to break in attempts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yesterday a single host out there made over 300 attempts to login to sshd on my server. My feeling is that I can't stop people from trying, so my only goal is to prevent them from succeeding. Use a firewall and/or iptables or similar things, lock out unused logins, use good passwords on active logins, kill unnecessary services, stay up to date on security updates, etc. Someone once said that the only way to absolutely guarantee a computer's security is to unplug it. Short of that, approach computer security diligently, because people out there will try to break in.

Arthur Pemberton wrote:
I'm gettign mail from logwatch as to the following:

root (en201247.uac63.hknet.com): 3 Time(s)


What's my best plan of action to respond to such? Yes I root logins via sshd disabled.


Thanks for the advice.




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux