Manuel Thanks a load. This is perfect. Along with changing the ssh port, this should solve the problem completely.
Skip -----Original Message----- From: Manuel Desdin [mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2008 4:51 PM To: [email protected] Subject: Re: Server Security hi skip, if using linux, try this http://denyhosts.sourceforge.net/ regards, manuel. On 08/03/2008, at 1:49, [EMAIL PROTECTED] wrote: > Thanks Vince > > I have a firewall, but not the best and the apache server is on the > dmz. Can't figure out (if it is possible) to blacklist IPs on the > dmz. > > This is a fairly sophisticated operation with money to spend on > security appliances. > > Skip > > -----Original Message----- > From: Vince M. Clark [mailto:[EMAIL PROTECTED] > Sent: Friday, March 07, 2008 1:00 PM > To: [email protected] > Subject: Re: Server Security > > > I'm no network guru, but here are some ideas. > > 1) Fairly cheap and easy solution - If you have a spare server on > your network, or if you have one virtualized and can create a > virtual server for ssh access from the outside, then you could > restrict ssh on your OfBiz server to only accept connections from > internal IP's. So from the outside you would connect to your > dedicated ssh box and then ssh from there to your OfBiz server. > > 2) A bit more sophisticated solution - I think a good firewall will > have some penetration detection capabilities. So for example, you > could configure your firewall to blacklist IP's after a certain > number of attempts to connect to your server over ssh. If a firewall > can't do this I'm sure there are other network appliances or > software you could install on the server to perform intrusion > detection. > > ----- Original Message ----- > From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > To: [email protected], "Jacques Le Roux" <[EMAIL PROTECTED] > > > Sent: Friday, March 7, 2008 1:55:02 PM (GMT-0700) America/Denver > Subject: Server Security > > This is a bit off topic, but I am betting someone can offer some > advice. > > My newly installed servers for my first ofbiz installation are getting > hammered with SSH login requests and probably others I do not know > about. I > need to expose SSH on at least one to allow me to manage the servers > remotely. I am also concerned that someone will eventually guess the > password to one of the ofbiz accounts (I am getting one login > request every > 10 seconds). I am also concerned about the bandwidth being consumed by > these pirates. > > I am considering requiring ssl certificates to any who want to use > SSH or > https to the backoffice apps, but can't find any good books on the > topic. > > Can anyone offer any advice on a direction or in particular, a good > book on > the topic. I am configured with an apache server fronting an ofbiz > server, > with the ofbiz server having NAT internet access for address lookups > and > freight charge lookups. The apache/mail server is the one currently > getting > hammered. I have temporarily shut down apache and ssh till I get the > issue > resolved. > > Skip > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date: > 3/5/2008 > 9:50 AM > > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date: > 3/5/2008 9:50 AM > > > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date: > 3/5/2008 9:50 AM > > No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date: 3/5/2008 9:50 AM No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.21.4/1313 - Release Date: 3/5/2008 9:50 AM
