[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Help: System intrusion through ssh and a weak password



k12osn-request redhat com wrote:
Message: 1
Date: Sat, 5 May 2007 12:10:03 +0200
From: Nils Breunese <nils breun nl>
Subject: Re: [K12OSN] Help: System intrusion through ssh and a weak
	password
To: "Support list for open source software in schools."
	<k12osn redhat com>
Message-ID: <F470FC43-A45D-4E16-8F4F-72DE5F9C2385 breun nl>
Content-Type: text/plain; charset="us-ascii"

Op 5-mei-2007, om 8:53 heeft Nadav Kavalerchik het volgende geschreven:

  
we're using freenx through ssh to remote control all the school  
that are installed with ltsp

what we did is moved the ssh port somewhere high in the port list,  
it solved all the "scanning" and trying to "break in" log entries  
that we used to see in the log file :-)

(i wonder how long it will last)
    

I like to setup SSH keys, disable PasswordAuthentication and install  
something like Fail2Ban or DenyHosts. That should keep them out and  
keep your logs from growing like mad.

Nils Breunese.

  

I use also use fail2ban (http://sourceforge.net/projects/fail2ban ), which scans the system logs and when someone gets a password wrong X number of times in Y time period, their IP address is blocked for Z ammount of time. I use it on a debian machine, and there is a package, but it can be used on other flavors of Linux as well.

Sam
http://www.onlinegrades.org/ - Free software for securely posting student grades online

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]