On 04/04/2016 09:49 AM, Rick Lair wrote: > So what would you recommend on my desktop PC in my office, that I do > everything on, that I just converted over to Linux Mint? > > Is it behind a firewall? Does it use NAT, so the desktop has no WAN address? That's the best security. Use good passwords, and only have one user account on the machine. If you never need to get into it from other machines, turn off sshd.
Now, for the firewall machine, the best thing in the world is denyhosts. I used to get 1000+ ssh login attempts a day! Then, I put in denyhosts, which watches the log for login failures. i set it quite restrictively, so that 3 failed logins from any specific IP within a month causes that IP to be added to the hosts.deny file, and stay there for a year. Very interestingly, exactly, TO THE HOUR, 2 weeks after I set this up, the attacks dropped from 1000 a day to 3! So, they used a wide range of compromised botnet nodes to find out what the time horizon of hosts.deny was set to. When it was seen to be over 2 weeks, they sent out the word somehow that my IP was not worth expending any effort on. Then, on the firewall machine, also have an absolute minimum number of user accounts, and make sure none of them have names like bob or alice. Names like this are the things they try. That's how I'm doing it. Jon ------------------------------------------------------------------------------ _______________________________________________ Emc-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/emc-users
