Poate ar fi bine(daca nu ai deja) sa nu permiti conectare pe root prin ssh, ci printr-un user obisnuit , si de acolo faci su root. In felul asta probabilitatea de a chiti 2 parole si un user e f. mica(ca user obisnuit poti sa pui ceva lung, greu de nimerit, ex.: mama_lor_de_CRACKERI)! O alata posibilitate este sa pornesti ssh-ul pe baza de e-mail. Faci un script care se executa din 5 in 5 minute si cauta un anumit string stiut de tine in mail-le primite. Daca gaseste, at. porneste ssh-ul!
,Iulian [EMAIL PROTECTED] wrote: >Din timp in timp imi apar prin loguri chestii de genul: > >Apr 27 23:56:08 grinch sshd[1129]: Illegal user test from 211.61.205.123 >Apr 27 23:56:08 grinch sshd[1129]: error: Could not get shadow information >for NOUSER >Apr 27 23:56:08 grinch sshd[1129]: Failed password for illegal user test >from 211.61.205.123 port 53376 ssh2 >Apr 27 23:56:15 grinch sshd[1131]: Illegal user guest from 211.61.205.123 >Apr 27 23:56:15 grinch sshd[1131]: error: Could not get shadow information >for NOUSER >Apr 27 23:56:15 grinch sshd[1131]: Failed password for illegal user guest >from 211.61.205.123 port 53552 ssh2 >Apr 27 23:56:21 grinch sshd[1133]: Illegal user admin from 211.61.205.123 >Apr 27 23:56:21 grinch sshd[1133]: error: Could not get shadow information >for NOUSER >Apr 27 23:56:21 grinch sshd[1133]: Failed password for illegal user admin >from 211.61.205.123 port 53716 ssh2 >Apr 27 23:56:26 grinch sshd[1135]: Illegal user admin from 211.61.205.123 >Apr 27 23:56:26 grinch sshd[1135]: error: Could not get shadow information >for NOUSER >Apr 27 23:56:26 grinch sshd[1135]: Failed password for illegal user admin >from 211.61.205.123 port 53862 ssh2 >Apr 27 23:56:32 grinch sshd[1137]: Illegal user user from 211.61.205.123 >Apr 27 23:56:32 grinch sshd[1137]: error: Could not get shadow information >for NOUSER >Apr 27 23:56:32 grinch sshd[1137]: Failed password for illegal user user >from 211.61.205.123 port 53979 ssh2 >Apr 27 23:56:39 grinch sshd[1139]: Failed password for root from >211.61.205.123 port 54129 ssh2 >Apr 27 23:56:44 grinch sshd[1141]: Failed password for root from >211.61.205.123 port 54270 ssh2 >Apr 27 23:56:53 grinch sshd[1143]: Failed password for root from >211.61.205.123 port 54395 ssh2 > >E ceva exploit de ssh ? Sau individul spera sa gaseasca un cont fara >parola ? > >-- >? > > > >--- >Detalii despre listele noastre de mail: http://www.lug.ro/ > > > > > --- Detalii despre listele noastre de mail: http://www.lug.ro/
