On Jan 23, 2008 4:01 PM, DJA <[EMAIL PROTECTED]> wrote: > Karl Cunningham wrote: > > On 1/23/2008 2:48 PM, Ralph Shumaker wrote: > >> Nicholas Wheeler wrote: > >>> Most of that looks like ssh and dns traffic. > >>> > >>> -- Nicholas > >>> > >> > >> Currently, there should be no ssh traffic that I'm aware of. I > >> eventually want to learn how to ssh into my own machine from somewhere > >> else, but for now, ssh is not being used by me. > > > > Turn of sshd for now and leave it off. Here are some things to do BEFORE > > you bring it back up. Check out $man sshd_config for more. > > > > Protocol 2 > > PubkeyAuthentication yes > > PasswordAuthentication no > > ChallengeResponseAuthentication no > > PermitRootLogin no > > AllowUsers list your valid user names > > > > Karl > > That plus I changed my SSH port to something else, and run denyhosts. > Since then I rarely get any login attempts, and most of those only try once. > > The router only lets SSH access to one box on my LAN from which I can > get to any others if I need. My router also sends me email logs which > show any log-in attempts. >
Second the mention of DenyHosts. <http://denyhosts.sourceforge.net/> carl -- carl lowenstein marine physical lab u.c. san diego [EMAIL PROTECTED] -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
