 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
At 02:29 PM 7/25/2005, Don Levey wrote:
>Dan wrote:
>
>iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>-j LOG --log-level WARN --log-prefix REJECT-SSH --log-ip-options
>
>Should allow me to log this also?
This is already being logged by sshd in /var/log/secure:
Illegal user guest from 218.21.129.102
I like that iptables solution.
My current solution is to use tcp wrappers to allow access only to select addresses (may not meet your needs.)
Alternatively have ssh listen on an different port. Security through obscurity, but it keeps the simple script attacks at bay.
Always use AllowUsers (or AllowGroups). It not, then at least DenyUsers root.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
