On Sun, 21 Jun 2009 00:17:30 +0300 (AST)
fabian wrote:
> The problem was solved after using a non standard port for ssh.
You haven't solved the problem, because you haven't solved this problem:
> but wonder how it was gettin through my firewall
You should be finding this out. Traffic of unknow
>
>
>> > [Normal log stuff from dictionary attack deleted...]
>>
>> This is common, and, presuming you have good passwords or only
>> accept authorized_keys, not a real problem other than large log
>> files.
>>
>> Look at fail2ban for a method that will automatically add
>> iptables blocks when thi
Hi,
The Wiki has a page specifically on securing SSH:
http://wiki.centos.org/HowTos/Network/SecuringSSH
It should give you some good ideas.
HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Dear All,
Tahnks to all you guys for immediate reply
by the way i jus hav modified the firewall by explicitly specifiying a
rule to block ssh traffic from outside
i will wait for sometime and check the log again
thnaks again guys
apprecite your replies
Regards
Fabian
> 2009/6/19 Cisco-Educat
Linux Advocate wrote:
>
>>> [Normal log stuff from dictionary attack deleted...]
>> This is common, and, presuming you have good passwords or only
>> accept authorized_keys, not a real problem other than large log
>> files.
>>
>> Look at fail2ban for a method that will automatically add
>> iptab
2009/6/19 Cisco-Education :
> Dear All,
>
> I have the following setup running perfectly OK for a long time
>
> CentOS release 5 (Final)
> sendmail-8.13.8-2.el5
> MailScanner 4.76.25
> bind-9.3.4-6.0.3.P1.el5_2
>
> now i jus setup a centos box running BackupPC for backing up my my above
> mail serv
> > [Normal log stuff from dictionary attack deleted...]
>
> This is common, and, presuming you have good passwords or only
> accept authorized_keys, not a real problem other than large log
> files.
>
> Look at fail2ban for a method that will automatically add
> iptables blocks when this occurs
On Fri, 19 Jun 2009 19:54:37 +0300 (AST)
Cisco-Education wrote:
> Now both the Mail server and the backup pc server behind firewall and ssh
> protocol is denied to the hosts in the DMZ zone
This statement is incorrect. What you think you have set up isn't what you
actually have set up. The outs
In my opinion, the easiest way to handle this is to move the SSH ports.
Then just
pass the -p (port) option for logging in. While this is not bullet
proof, it will stop 99.9%
of Brute Force attempts.
~Ron
Cisco-Education wrote:
Dear All,
I have the following setup running perfectly OK f
On Fri, Jun 19, 2009, Cisco-Education wrote:
>Dear All,
>
>I have the following setup running perfectly OK for a long time
>
>CentOS release 5 (Final)
>sendmail-8.13.8-2.el5
>MailScanner 4.76.25
>bind-9.3.4-6.0.3.P1.el5_2
>
>now i jus setup a centos box running BackupPC for backing up my my above
>
Cisco-Education wrote:
> Jun 19 16:26:06 kmdns1 sshd[11073]: Invalid user jeka from 87.118.122.78
> Jun 19 16:26:06 kmdns1 sshd[11074]: input_userauth_request: invalid user jeka
> Jun 19 16:26:06 kmdns1 sshd[11074]: Received disconnect from
> 87.118.122.78: 11: Bye Bye
> Now both the Mail server
Dear All,
I have the following setup running perfectly OK for a long time
CentOS release 5 (Final)
sendmail-8.13.8-2.el5
MailScanner 4.76.25
bind-9.3.4-6.0.3.P1.el5_2
now i jus setup a centos box running BackupPC for backing up my my above
mail server using ssh as per the instructions in backup
12 matches
Mail list logo