hi
I
need help for expert here
from the below
log some 1 is trying to break in to my box and they have successfully
do hack in when use RH 7.2
Now I am using RH
7.3 with Firewall enable which include in RH 7.3,
now I am using
'hosts.allow' to stop people from ssh to my
box
ALL
:192.168.8.
: allow
sshd :
ALL
: allow
telnetd : ALL : banners /etc/banners : deny
ftpd : ALL : banners /etc/banners : deny
ALL : ALL : deny
smtp : ALL :allow
telnetd : ALL : banners /etc/banners : deny
ftpd : ALL : banners /etc/banners : deny
ALL : ALL : deny
smtp : ALL :allow
when I try from
office or dial-up access "ssh1 -l homepc homepc.homeip.net"
connect is refuse.
and dun even ask me
to enter passwd
here is my
question
1) how to I prevent
hacker from using ssh to my box since I am alreadi can't 'ssh' to my box n
connection is refuse
why they still can
ssh.
[root@homepc
log]# cat secure | grep illegal
Jul 16 21:15:10 homepc sshd[1662]: Failed password for illegal user sep from 202.152.37.133 port 61245
Jul 16 22:06:43 homepc sshd[3042]: Failed password for illegal user sep from 202.152.37.133 port 61359
Jul 17 01:18:33 homepc sshd[4320]: Failed password for illegal user capung from 202.152.37.133 port 61525
Jul 17 01:18:35 homepc sshd[4320]: Failed password for illegal user capung from 202.152.37.133 port 61525
Jul 17 04:30:20 homepc sshd[5566]: Failed password for illegal user ilalang from 202.95.158.74 port 1386
Jul 17 04:31:01 homepc sshd[5572]: Failed password for illegal user jabrix from 202.95.158.74 port 1387
Jul 17 22:30:22 homepc sshd[7469]: Failed password for illegal user ilalang from 203.130.238.157 port 1708
Jul 18 16:01:10 homepc sshd[10171]: Failed password for illegal user jack from 202.95.156.251 port 63266
Jul 18 16:01:16 homepc sshd[10171]: Failed password for illegal user jack from 202.95.156.251 port 63266
Jul 18 16:10:05 homepc sshd[10198]: Failed password for illegal user jack from 202.95.156.251 port 63348
Jul 18 16:52:24 homepc sshd[10245]: Failed password for illegal user itt28081 from 202.95.156.251 port 63780
Jul 18 20:06:54 homepc sshd[10665]: Failed password for illegal user wendra from 203.130.250.35 port 1967
Jul 16 21:15:10 homepc sshd[1662]: Failed password for illegal user sep from 202.152.37.133 port 61245
Jul 16 22:06:43 homepc sshd[3042]: Failed password for illegal user sep from 202.152.37.133 port 61359
Jul 17 01:18:33 homepc sshd[4320]: Failed password for illegal user capung from 202.152.37.133 port 61525
Jul 17 01:18:35 homepc sshd[4320]: Failed password for illegal user capung from 202.152.37.133 port 61525
Jul 17 04:30:20 homepc sshd[5566]: Failed password for illegal user ilalang from 202.95.158.74 port 1386
Jul 17 04:31:01 homepc sshd[5572]: Failed password for illegal user jabrix from 202.95.158.74 port 1387
Jul 17 22:30:22 homepc sshd[7469]: Failed password for illegal user ilalang from 203.130.238.157 port 1708
Jul 18 16:01:10 homepc sshd[10171]: Failed password for illegal user jack from 202.95.156.251 port 63266
Jul 18 16:01:16 homepc sshd[10171]: Failed password for illegal user jack from 202.95.156.251 port 63266
Jul 18 16:10:05 homepc sshd[10198]: Failed password for illegal user jack from 202.95.156.251 port 63348
Jul 18 16:52:24 homepc sshd[10245]: Failed password for illegal user itt28081 from 202.95.156.251 port 63780
Jul 18 20:06:54 homepc sshd[10665]: Failed password for illegal user wendra from 203.130.250.35 port 1967