MORE SSH Hacking: heads-up <- TCP Wrappers
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Tue Aug 10 14:23:50 UTC 2004
Am Di, den 10.08.2004 schrieb Luis Miguel Cruz um 14:59:
> Use TCP Wrappers: /etc/hosts.allow and /etc/host.deny
That suggestion was already given in the discussion thread. Like pointed
out to use iptables for blocking hosts.
But what does it help on systems where people have to login from
changing IPs and not from a fix IP net?
Keep your systems up to date with security update packages. Never use
accounts (like test or guest) with trivial passwords. Always use a
strong password for each account. Let the current wave of scans for
trivial logins pass. There is nothing really good we can do against it.
Seems all the hosts are already owned and try to enter more systems.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.7-1.494.2.2smp
Serendipity 16:17:33 up 6 days, 9:45, load average: 0.40, 0.25, 0.14
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040810/bb5899e5/attachment-0001.sig>
More information about the fedora-list
mailing list