SSH2

[Patrick Campbell]

I don't know how it is configured out of the box, it's pretty easy to test
it...  Add a deny to hosts.deny like

SSHD: 127.0.0.1  

...and then try to SSH to localhost.

Although it is unconventional, I changed my SSH listen port years ago.  I
went from 20 attempts per day to 0 and I don't bother with the
hosts.allow/deny anymore. 

The only thing you have to worry about is if you go somewhere that has
highly restrictive outgoing ports which is fairly uncommon (think cruise
ship or hotel maybe?).  If you're going on vacation or whatever you might
decide to change back to port 22 and  open it up for that time being.


-- 
Patrick Campbell
OurVacationStore.com
Website Administrator
Tel. 602.896.4729
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of R. McFarlane
Sent: Tuesday, April 05, 2005 1:51 PM
To: General Red Hat Linux discussion list
Subject: Re: SSH2

At 01:20 PM 4/5/2005, Burke, Thomas G., had this to say :

>All,
>
>         I've always thought this interesting, so I'll ask...  I thought 
> SSH(2) used hosts.deny & hosts.allow.  I find it interesting, then, that 
> I get so many (L)users trying to hack my SSH connection.  Any 
> thoughts?  Maybe I missed something in my setup?


         hosts.deny and hosts.allow are part of TCP wrappers. AFAIK, you 
have to build ssh with support for it, to use these files.

         The ssh "attacks" are part of a "script-kit" or worm trying to 
break in through weak passwords and/or older ssh (v1). These attacks are 
filling up the logs that is for sure. :(


Sincerely,

R. McFarlane

cross platform specialist
Mac - Linux - windows

McFarlane Computing
on-site/remote tutorials, support & training
(phone) 391-8972
(fax) 391-8972
(pager) 413-8577
(email) techie @ mcfarlanecomputing . net 

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list