SSH2

Burke, Thomas G. tg.burke at ngc.com
Wed Apr 6 12:04:02 UTC 2005 

Now that's a pretty good idea...
 
    -Tom

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]On Behalf Of Patrick Campbell
Sent: Tuesday, April 05, 2005 6:23 PM
To: 'General Red Hat Linux discussion list'
Subject: RE: SSH2



I don't know how it is configured out of the box, it's pretty easy to test 
it...  Add a deny to hosts.deny like 

SSHD: 127.0.0.1  

...and then try to SSH to localhost. 

Although it is unconventional, I changed my SSH listen port years ago.  I 
went from 20 attempts per day to 0 and I don't bother with the 
hosts.allow/deny anymore. 

The only thing you have to worry about is if you go somewhere that has 
highly restrictive outgoing ports which is fairly uncommon (think cruise 
ship or hotel maybe?).  If you're going on vacation or whatever you might 
decide to change back to port 22 and  open it up for that time being. 


-- 
Patrick Campbell 
OurVacationStore.com 
Website Administrator 
Tel. 602.896.4729 
-----Original Message----- 
From: redhat-list-bounces at redhat.com [ mailto:redhat-list-bounces at redhat.com] 
On Behalf Of R. McFarlane 
Sent: Tuesday, April 05, 2005 1:51 PM 
To: General Red Hat Linux discussion list 
Subject: Re: SSH2 

At 01:20 PM 4/5/2005, Burke, Thomas G., had this to say : 

>All, 
> 
>         I've always thought this interesting, so I'll ask...  I thought 
> SSH(2) used hosts.deny & hosts.allow.  I find it interesting, then, that 
> I get so many (L)users trying to hack my SSH connection.  Any 
> thoughts?  Maybe I missed something in my setup? 


         hosts.deny and hosts.allow are part of TCP wrappers. AFAIK, you 
have to build ssh with support for it, to use these files. 

         The ssh "attacks" are part of a "script-kit" or worm trying to 
break in through weak passwords and/or older ssh (v1). These attacks are 
filling up the logs that is for sure. :( 


Sincerely, 

R. McFarlane 

cross platform specialist 
Mac - Linux - windows 

McFarlane Computing 
on-site/remote tutorials, support & training 
(phone) 391-8972 
(fax) 391-8972 
(pager) 413-8577 
(email) techie @ mcfarlanecomputing . net 

-- 
redhat-list mailing list 
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe 
https://www.redhat.com/mailman/listinfo/redhat-list 
-- 
redhat-list mailing list 
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe 
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list