Re: Changing SSH and Apache ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/15/05, Dotan Cohen <dotancohen@xxxxxxxxx> wrote:
>
> I know that this won't save the system from a determined hacker, but
> thankfully I haven't been attacked by one yet. I do get a nice long
> daily log report though:
>
> And I am constantly being tried on sshd:
>     Authentication Failures:
>        unknown (63.211.110.142): 853 Time(s)
>        root (63.211.110.142): 129 Time(s)

[ . . . snipped . . . ]

>        operator (63.211.110.142): 1 Time(s)
>        rpm (202.129.48.100): 1 Time(s)
>        rpm (63.211.110.142): 1 Time(s)
>        sshd (202.129.48.100): 1 Time(s)
>     Invalid Users:
>        Unknown Account: 959 Time(s)

You may look into using the AllowUsers directive in
/etc/sshd/sshd_config.  While it won't prevent people from probing
your system, it does provide an additional level of protection against
a guessed password.  If you do set up AllowUsers, your log will end up
looking something like this instead:

**Unmatched Entries**
 User bin from 61.66.132.60 not allowed because not listed in AllowUsers
 User adm from 61.66.132.60 not allowed because not listed in AllowUsers
 User lp from 61.66.132.60 not allowed because not listed in AllowUsers
 User lp from 61.66.132.60 not allowed because not listed in AllowUsers
 User daemon from 61.66.132.60 not allowed because not listed in AllowUsers
 User ftp from 61.66.132.60 not allowed because not listed in AllowUsers
 User games from 61.66.132.60 not allowed because not listed in AllowUsers
 User gopher from 61.66.132.60 not allowed because not listed in AllowUsers
 User halt from 61.66.132.60 not allowed because not listed in AllowUsers
 User lp from 61.66.132.60 not allowed because not listed in AllowUsers
 User mail from 61.66.132.60 not allowed because not listed in AllowUsers

I suppose this is only helpful if you have accounts that have assigned
passwords that you do not want logged into via ssh remotely.

--
Chris

"I trust the Democrats to take away my money, which I can afford.  I
trust the Republicans to take away my freedom, which I cannot."


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux