SSH2
Burke, Thomas G.
tg.burke at ngc.com
Wed Apr 6 12:04:02 UTC 2005
Now that's a pretty good idea...
-Tom
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]On Behalf Of Patrick Campbell
Sent: Tuesday, April 05, 2005 6:23 PM
To: 'General Red Hat Linux discussion list'
Subject: RE: SSH2
I don't know how it is configured out of the box, it's pretty easy to test
it... Add a deny to hosts.deny like
SSHD: 127.0.0.1
...and then try to SSH to localhost.
Although it is unconventional, I changed my SSH listen port years ago. I
went from 20 attempts per day to 0 and I don't bother with the
hosts.allow/deny anymore.
The only thing you have to worry about is if you go somewhere that has
highly restrictive outgoing ports which is fairly uncommon (think cruise
ship or hotel maybe?). If you're going on vacation or whatever you might
decide to change back to port 22 and open it up for that time being.
--
Patrick Campbell
OurVacationStore.com
Website Administrator
Tel. 602.896.4729
-----Original Message-----
From: redhat-list-bounces at redhat.com [ mailto:redhat-list-bounces at redhat.com]
On Behalf Of R. McFarlane
Sent: Tuesday, April 05, 2005 1:51 PM
To: General Red Hat Linux discussion list
Subject: Re: SSH2
At 01:20 PM 4/5/2005, Burke, Thomas G., had this to say :
>All,
>
> I've always thought this interesting, so I'll ask... I thought
> SSH(2) used hosts.deny & hosts.allow. I find it interesting, then, that
> I get so many (L)users trying to hack my SSH connection. Any
> thoughts? Maybe I missed something in my setup?
hosts.deny and hosts.allow are part of TCP wrappers. AFAIK, you
have to build ssh with support for it, to use these files.
The ssh "attacks" are part of a "script-kit" or worm trying to
break in through weak passwords and/or older ssh (v1). These attacks are
filling up the logs that is for sure. :(
Sincerely,
R. McFarlane
cross platform specialist
Mac - Linux - windows
McFarlane Computing
on-site/remote tutorials, support & training
(phone) 391-8972
(fax) 391-8972
(pager) 413-8577
(email) techie @ mcfarlanecomputing . net
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list