[K12OSN] reporting and/or stopping cracking attempts on server
Rob Owens
rowens at ptd.net
Fri Mar 18 00:41:34 UTC 2011
On Thu, Mar 17, 2011 at 10:27:25AM -0700, Carl Keil wrote:
> Hello folks,
>
> For those of you that run servers exposed to the outside world, I
> just wanted to send a ping out and see what others are doing about
> this. I'm seeing an escalation in what I call "brute force" attacks
> on my server. Like people trying to SSH in repeatedly from one IP
> with common sounding user names. Or lots of http requests (I've got
> web on the same server) for ....setup.php or setup.pl etc. Repeated
> Auth requests to sendmail.
>
Limit ssh to only users who need it. See "AllowUsers" in sshd_config.
Use only public key authentication for ssh. In sshd_config, set:
PasswordAuthentication no
-Rob
More information about the K12OSN
mailing list