Re: ssh security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2005-12-26 at 02:04, Tim wrote:
> On Sun, 2005-12-25 at 21:24 -0800, Gerald wrote:
> > It looks like i'm getting a dictionary attack on my system. I moved
> > ssh to another port instead of 22 in hopes that would put a halt to it
> > but it did not. Any recommendations to improve security here? 
> 
> Since you ask for "any" recommendations...
> 
> If you don't need remote SSH access, configure the server not to listen
> to the outside world.  Other options might be to limit what addresses
> it'll accept connections from, or which accounts can be remotely logged
> into.
> 
> Even longer passwords than you care for, to make it harder to brute
> force crack.

Good suggestions as well as the one to use keys if you need ssh access.

Since someone took the time to scan for and find your ssh port then they
are targeting you specifically.  If you can, identify the IP they are
coming from and put them in your iptables list to block all access from
that IP.  If they are moving to different IP addresses check into things
like portsentry or the other one (ipdeny?) that will examine log files
for hack attempts and dynamically add those IP addresses to your
iptables deny list.  




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux