smal wrote: > On a slightly different note, but I hope it is still to the topic: > > A lot of *nix hacks are the result of a brute force attack on ssh > accounts - try to deploy tools like DenyHosts. They check the access > log regularly and when a brute-force pattern is found, a given IP > address is permanently blocked in /etc/hosts.deny. > > One more way to make hacking into a machine more difficult. Plus, > installing DenyHosts is very easy. >
Using Kerberos or another key-authentication protocol would work too. It is also smart to set the sshd configuration file to not permit root login, so that if an account is hacked, it is not immediately the root account. I host my own servers in-house on a commercial DSL account, so I have a packet filter rule that refuses all ssh connection entering through my gateway router... only the local machines that I personally use for admini... the three machines in my office... can ssh into my servers. I got tired of seeing all the moronic login attempts in my logs every morning. The packet filter rule does NOT return any reply, either, it just drops the packets, and leaves the machine attempting to connect hanging, until it reaches its default timeout. -- -wittig http://www.robertwittig.com/ http://robertwittig.net/ http://robertwittig.org/ . To unsubscribe from this list, please email [EMAIL PROTECTED] & you will be removed. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/LINUX_Newbies/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/LINUX_Newbies/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
