[PLUG] Fun with IPTables
alan
alan at clueserver.org
Fri Jul 28 20:27:31 UTC 2006
On Fri, 28 Jul 2006, Rich Shepard wrote:
> On Fri, 28 Jul 2006, Tim Slighter wrote:
>
>> As for SSH tunnels, I beg to disagree and contend that there should not
>> even be an SSH tunnel, the less services running on your home system, the
>> less opportunity for people trying to find a way in.
>
> Almost every day my sshd log shows folks -- primarily from Asia -- trying
> to get in as 'root,' 'test,' and similar names. Of course, they're not
> allowed in, but it's interesting to see the constant attempts.
Yeah. I use "denyhosts" to block those. I got tired of the repeated
attempts from the same servers over and over and over again.
If you configure ssh correctly, there should not be any security issues.
Use public key, disable ssh v1, and remove cleartext passwords.
--
"I want to live just long enough to see them cut off Darl's head and
stick it on a pike as a reminder to the next ten generations that some
things come at too high a price. I would look up into his beady eyes and
wave, like this... (*wave*!). Can your associates arrange that for me,
Mr. McBride?"
- Vir "Flounder" Kotto, Sr. VP, IBM Empire.
More information about the PLUG
mailing list