On Sun, Jan 30, 2005 at 10:49:54AM -0200, Henrique de Moraes Holschuh wrote: > On Sat, 29 Jan 2005, [EMAIL PROTECTED] wrote: > > There are a lot of SSH brute force attacking scripts out there right > > now. I see them here at home and I see them try to get into the work > > machines all of the time. A firewall will help you, but you will want > > to ensure that SSH is secured as well. > > Yes. If you know the range of IPs you're likely to use, even something as > simple as tcpwrappers (/etc/hosts.allow, /etc/hosts.deny) will avoid a lot > of trouble for ssh.
I personally use a dyndns service to pre-authenticate access to a (not only) ssh service. This is implemented by the tinydyndns project, and the ipsvd package, which can check a client's IP address against IPs one or more dns names resolve to at the time the client tries to connect. Regards, Gerrit. -- Open projects at http://smarden.org/pape/. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
