tightening ssh
Trevor "TeC" Christian
trevor at bouyon.dalive.com
Mon Nov 21 22:40:36 UTC 2005
oleksandr korneta wrote:
>
>
> on 11/19/2005 07:47 AM Claude Jones wrote:
>
>> I've been reading up, and talking up, various security strategies.
>> One thing that is striking to me in looking at logs for my servers
>> are the endless ssh probes that go on. It appears to be one of the
>> most common. Up till recently,
>
> http://denyhosts.sourceforge.net/
>
> <quote>
> DenyHosts is a script intended to be run by Linux system
> administrators to help thwart ssh server attacks.
>
> If you've ever looked at your ssh log (/var/log/secure on Redhat,
> /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how
> many hackers attempted to gain access to your server. Hopefully, none
> of them were successful (but then again, how would you know?).
> Wouldn't it be better to automatically prevent that attacker from
> continuing to gain entry into your system?
> </quote>
>
> I'm using it for couple months. Simple installation, couple minutes
> for modification of config file and it works like a charm.
>
I was just running through the responses to this thread to see if anyone
had suggested this application.
Granted it is a defense which is somewhat "after the fact" but it does
and has blocked quite a number of onslaughts on servers i maintain -
having noted almost 200 attacks on one particular server since
installation a couple of months ago.
I too am interested in finding other ways to protect rather than defend.
--
*Trevor "TeC" Christian*
/TeC Productions Studios/
Cell #: (767) 225 4472
IM
MSN: trevorc98 at hotmail.com / trevor at bouyon.dalive.com
YM : trevorc01 at yahoo.com
AIM: DoubleOTeC
GoogleTalk: doubleOTeC at gmail.com
------------------------------------------------------------------------
Home Page <http://trevor.bouyon.dalive.com/>
Curriculum Vitae <http://bouyon.dalive.com/cv/>
Dalive Market <http://www.dalivemarket.com/>
More information about the fedora-list
mailing list