blazingtortoise;338829 Wrote: > Just a word of warning. I set up SSH tunneling to my server yesterday > and in approximately 12 hours I had 15,000 attempts to break into my > server. If your going to do it, make sure it's secure. > > Simon.
Unforunately many people believe an SSH server to be secure by itself (it is called *secure* shell). Here is a recent SANS article on brute force attacks: http://isc.sans.org/diary.html?storyid=4408 One of the most important things you can do is disable the ability to login directly as root by setting "PermitRootLogin no" in the sshd configuration file (which will be something like /etc/ssh/sshd_config on a Linux system). Another easy thing you can do is limit the machines that are allowed to connect. Very few people need to allow access to their ssh server from any machine on the Internet. You can use the /etc/hosts.allow and /etc/hosts.deny files to limit access (most Linux distros have OpenSSH compiled to obey these files). Put the line ALL:ALL into /etc/hosts.deny, and then in /etc/hosts.allow add a line like sshd:123.456.654.321,456.789.987.654 to permit access from particular IP address (you can also use hostnames). Of course, make certain you have strong passwords (that aren't dictionary words, etc.), or switch to using only key-based logins. -- ncarver ------------------------------------------------------------------------ ncarver's Profile: http://forums.slimdevices.com/member.php?userid=15905 View this thread: http://forums.slimdevices.com/showthread.php?t=52433 _______________________________________________ discuss mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/discuss
