Security basics

kalinix calin.kalinix.cosma at gmail.com
Thu Oct 4 07:23:09 UTC 2007 

On Wed, 2007-10-03 at 19:13 -0700, Tod Merley wrote:
> Hi Patrick and all!
> 
> Someday, Lord willing, I would like to set up a lot of standard ports
> to go to a "honey pot - virtual area" on my systems.  I would love to
> be able to let the attacker do his thing in a safe environment which
> allows me to gather all the information about him and his ways that I
> can.
> 
> Then, I would love to be able to automatically report all of this good
> information to the security community almost as fast as it occurs.
> The thought of some agents knocking on the attacker's door as he
> continues an attack makes me smile.
> 
> To a great future fellows!
> 
> Tod
> 
> On 10/3/07, Patrick <flymooney at gmail.com> wrote:
> > Steve Siegfried wrote:
> >
> > > Changing ports for ssh isn't actually that hot of an idea.  Most port scanners
> > > can detect ssh implementations since they normally self-identify.  For example,
> > > if you're running ssh on the normal port (22), try executing:
> > >       /usr/bin/telnet YOUR.HOST.IP.ADDR 22
> > > and see what pops out.
> > >
> > > Hope this helps'idly,
> > >
> > > -S
> >
> >   Changing SSH ports on my server yielded a 100% drop (yes...100%) in
> > routine script attacks. I still have the usual people checking for
> > phpMyAdmin stuff as well as the others, but nothing comes through on SSH
> > now. And yes, when I did it I heard the whole "security through
> > obscurity is not security" BS but the results cannot be argued with. In
> > summation, CHANGE YOUR SSH PORT. It will work and cut down if not
> > eliminate the script kiddies. Then when someone really starts knocking
> > on your SSH door, it will not be lost in all of the "noise" from the
> > scripters.
> >
> > Patrick
> >
> >
> > --
> > fedora-list mailing list
> > fedora-list at redhat.com
> > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> >
> 


http://project.honeynet.org/  :)


Calin

=================================================
"Nuclear war would really set back cable." - Ted Turner

More information about the fedora-list mailing list