Re: [Solved]: Re: stopping ssh attacks

2005-06-18 Thread Philip Christian
I don't bother with that stuff. One of my usernames has a /home/username/.ssh/authorized_keys which has a public rsa key in it then I use the corresponding private key to log in from another machine (put it in /home/username/.ssh/id_rsa on a linux box, or configure a key file in putty for a windows b

Re: [Solved]: Re: stopping ssh attacks

2005-06-18 Thread Roberto C. Sanchez
On Sat, Jun 18, 2005 at 11:15:25AM +0200, Vincent Lefevre wrote: > On 2005-06-16 11:51:01 -0500, Thomas Stivers wrote: > > I ended up going with port knocking and just installed knockd. Too > > cool, I always thought it was harder to set up than it is. I even > > have it playing nice with shorewall

Re: stopping ssh attacks

2005-06-18 Thread Vincent Lefevre
On 2005-06-16 12:08:02 -0300, Rogério Brito wrote: > On Jun 16 2005, michael wrote: > > I set up sshd_config to use a different port. That stopped them (for > > now...) > > That's only a palliative solution, as you noted. And some providers filter some ports. However, port 22 is sometimes filtere

Re: [Solved]: Re: stopping ssh attacks

2005-06-18 Thread Vincent Lefevre
On 2005-06-16 11:51:01 -0500, Thomas Stivers wrote: > I ended up going with port knocking and just installed knockd. Too > cool, I always thought it was harder to set up than it is. I even > have it playing nice with shorewall. Thanks for the suggestions. The problem with port knocking is that it

Re: stopping ssh attacks

2005-06-17 Thread Mart Frauenlob
I usually install those programs from original source, as they normally get updated faster than the packages in debian. But if versions are the same, no reason not to use the debian package imho ... Jon Dowland wrote: Mart Frauenlob wrote: get 'chkrootkit' (www.chkrootkit.org) and 'rootkit h

Re: stopping ssh attacks

2005-06-17 Thread Jon Dowland
Mart Frauenlob wrote: get 'chkrootkit' (www.chkrootkit.org) and 'rootkit hunter' (www.rootkit.nl) and check your box. Any reason why 'apt-get install chkrootkit' wouldn't suffice?

Re: stopping ssh attacks

2005-06-17 Thread Jon Dowland
Have you tried searching the list? This has come up many times in the last few months.

Re: stopping ssh attacks

2005-06-16 Thread Andre Venter
From: "Thomas Stivers" <[EMAIL PROTECTED]> To: Sent: Thursday, June 16, 2005 4:05 PM Subject: stopping ssh attacks

Re: stopping ssh attacks

2005-06-16 Thread Roberto C. Sanchez
On Thu, Jun 16, 2005 at 10:16:43AM -0400, Ugo Bellavance wrote: > michael wrote: > > On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote: > > > >>I have been getting a huge number of attempts to log into my box via ssh > >>which fail with invalid username entries in the logs. Is there already a

Re: stopping ssh attacks

2005-06-16 Thread Alvin Oga
On Thu, 16 Jun 2005, Thomas Stivers wrote: > I have been getting a huge number of attempts to log into my box via ssh > which fail with invalid username entries in the logs. Is there already a > package which will let me look through the logs and dynamically add > iptables rules to drop anything f

Re: stopping ssh attacks

2005-06-16 Thread Rogério Brito
On Jun 16 2005, michael wrote: > I set up sshd_config to use a different port. That stopped them (for > now...) That's only a palliative solution, as you noted. -- Rogério Brito : [EMAIL PROTECTED] : http://www.ime.usp.br/~rbrito Homepage of the algorithms package : http://algorithms.berlios.de

[Solved]: Re: stopping ssh attacks

2005-06-16 Thread Thomas Stivers
On Thu, Jun 16, 2005 at 11:57:52 AM -0400, Bradley Alexander wrote: > Note that there are also a number of methodologies which accomplish the same > thing using iptables...One such example is at > https://lists.netfilter.org/pipermail/netfilter/2005-June/060914.html. The > extension of this

Re: stopping ssh attacks

2005-06-16 Thread Mart Frauenlob
Thomas Stivers wrote: I have been getting a huge number of attempts to log into my box via ssh which fail with invalid username entries in the logs. Is there already a package which will let me look through the logs and dynamically add iptables rules to drop anything from these scanning addresse

Re: stopping ssh attacks

2005-06-16 Thread Ugo Bellavance
michael wrote: > On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote: > >>I have been getting a huge number of attempts to log into my box via ssh >>which fail with invalid username entries in the logs. Is there already a >>package which will let me look through the logs and dynamically add >>i

Re: stopping ssh attacks

2005-06-16 Thread Bradley Alexander
On Thursday 16 June 2005 10:05 am, Thomas Stivers wrote: > I have been getting a huge number of attempts to log into my box via ssh > which fail with invalid username entries in the logs. Is there already a > package which will let me look through the logs and dynamically add > iptables rules to dro

Re: stopping ssh attacks

2005-06-16 Thread michael
On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote: > I have been getting a huge number of attempts to log into my box via ssh > which fail with invalid username entries in the logs. Is there already a > package which will let me look through the logs and dynamically add > iptables rules to dro

stopping ssh attacks

2005-06-16 Thread Thomas Stivers
I have been getting a huge number of attempts to log into my box via ssh which fail with invalid username entries in the logs. Is there already a package which will let me look through the logs and dynamically add iptables rules to drop anything from these scanning addresses after something like 3 a