hi skip,
if using linux, try this http://denyhosts.sourceforge.net/
regards,
manuel.
On 08/03/2008, at 1:49, [EMAIL PROTECTED] wrote:
Thanks Vince
I have a firewall, but not the best and the apache server is on the
dmz. Can't figure out (if it is possible) to blacklist IPs on the
dmz.
This is a fairly sophisticated operation with money to spend on
security appliances.
Skip
-----Original Message-----
From: Vince M. Clark [mailto:[EMAIL PROTECTED]
Sent: Friday, March 07, 2008 1:00 PM
To: [email protected]
Subject: Re: Server Security
I'm no network guru, but here are some ideas.
1) Fairly cheap and easy solution - If you have a spare server on
your network, or if you have one virtualized and can create a
virtual server for ssh access from the outside, then you could
restrict ssh on your OfBiz server to only accept connections from
internal IP's. So from the outside you would connect to your
dedicated ssh box and then ssh from there to your OfBiz server.
2) A bit more sophisticated solution - I think a good firewall will
have some penetration detection capabilities. So for example, you
could configure your firewall to blacklist IP's after a certain
number of attempts to connect to your server over ssh. If a firewall
can't do this I'm sure there are other network appliances or
software you could install on the server to perform intrusion
detection.
----- Original Message -----
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
To: [email protected], "Jacques Le Roux" <[EMAIL PROTECTED]
>
Sent: Friday, March 7, 2008 1:55:02 PM (GMT-0700) America/Denver
Subject: Server Security
This is a bit off topic, but I am betting someone can offer some
advice.
My newly installed servers for my first ofbiz installation are getting
hammered with SSH login requests and probably others I do not know
about. I
need to expose SSH on at least one to allow me to manage the servers
remotely. I am also concerned that someone will eventually guess the
password to one of the ofbiz accounts (I am getting one login
request every
10 seconds). I am also concerned about the bandwidth being consumed by
these pirates.
I am considering requiring ssl certificates to any who want to use
SSH or
https to the backoffice apps, but can't find any good books on the
topic.
Can anyone offer any advice on a direction or in particular, a good
book on
the topic. I am configured with an apache server fronting an ofbiz
server,
with the ofbiz server having NAT internet access for address lookups
and
freight charge lookups. The apache/mail server is the one currently
getting
hammered. I have temporarily shut down apache and ssh till I get the
issue
resolved.
Skip
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date:
3/5/2008
9:50 AM
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date:
3/5/2008 9:50 AM
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date:
3/5/2008 9:50 AM
