Karl Cunningham wrote:
On 1/23/2008 2:48 PM, Ralph Shumaker wrote:
Nicholas Wheeler wrote:
Most of that looks like ssh and dns traffic.
-- Nicholas
Currently, there should be no ssh traffic that I'm aware of. I
eventually want to learn how to ssh into my own machine from somewhere
else, but for now, ssh is not being used by me.
Turn of sshd for now and leave it off. Here are some things to do BEFORE
you bring it back up. Check out $man sshd_config for more.
Protocol 2
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin no
AllowUsers list your valid user names
Karl
That plus I changed my SSH port to something else, and run denyhosts.
Since then I rarely get any login attempts, and most of those only try once.
The router only lets SSH access to one box on my LAN from which I can
get to any others if I need. My router also sends me email logs which
show any log-in attempts.
--
Best Regards,
~DJA.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
