 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Instead of changing the port which ssh runs on, try http://denyhosts.sf.net It watches your secure.log file for these attacks and blocks them Matthew Shields Sr Systems Administrator NameMedia, Inc. (P) 781-839-2828 mshields at namemedia.com http://www.namemedia.com -----Original Message----- From: discuss-bounces at blu.org [mailto:discuss-bounces at blu.org] On Behalf Of Larry Underhill Sent: Thursday, August 31, 2006 12:41 PM To: Bill Horne Cc: discuss at blu.org Subject: Re: Attack from a reserved address On Wed, 2006-08-30 at 18:54 -0400, Bill Horne wrote: > P.S. I've closed the port, but anyone who wants to test it, just drop > me an email with your IP address. Bill, Dictionary attacks against sshd are really common these days. Have you considered running sshd on a high numbered port? This simple step eliminated these kiddie attacks against my home box. (obviously, this doesn't prevent the more sophisticated attackers) slightly OT: what are the general practices folks that folks take to secure the "public" services on their home boxen? I have ssh and http available. My general take is: * firewall with ssh (on a high num port) and http open. All others are denied. * linux distro w/ current updates * sshd w/ key only access and no remote root login. * apache w/ ServerToken and ServerSignature set so I don't broadcast much info about my apache or platform version. * apache defaults to serving a blank html page. Nothing in cgi-bin. All the sites are served by virtual hosts. Folks port scanning port 80 get nothing. Folks who actually know the domains get served pages. I also rotate passwords for root and my (one) user account. Any other tips/tricks? --Larry -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss at blu.org http://olduvai.blu.org/mailman/listinfo/discuss -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
