On 10/28/2009 04:03 PM, Michael Cronenworth wrote:
-Make sure your root password is not a dictionary word.
-Add iptables rules to limit multiple connections on SSH to 4 within a
minute.[1] Perhaps this needs to become a Fedora default.
-Update your system.
-Use SELinux.
Depending on situation, other measures to contain this problem:
* moving ssh to a different port (something > 1024)
brute force scripts will usually check port 22 only - a different
port will likely be checked only if attack is targeted
* switching to public/private key authentication
even with a bad password, the private key is much more secure against
a script kiddie. It helps against targeted attacks too, but can't rule
them out.
Also, IIRC, in F10/11 SSHd is disabled by default. That could be because
I usually use LiveCD install, though.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
