http://www.linuxformat.com/forums/index.php Help, discussion, magazine feedback and more english (c) Copyright Sat May 25, 2013 2:41 am by Linux Format forums webmaster@linuxformat.com webmaster@linuxformat.com Sat May 25, 2013 2:41 am Sat May 25, 2013 2:41 am http://backend.userland.com/rss phpBB2 RSS Syndication Mod by Lucas 1 http://www.linuxformat.com/forums/ Help, discussion, magazine feedback and more http://www.linuxformat.com/forums/viewtopic.php?p=8866#8866 <br /> Author: <a href='http://www.linuxformat.com/forums/profile.php?mode=viewprofile&u=2319'>RD</a><br /><br /> Posted: Mon Sep 19, 2005 11:57 pm<br /><br /> <br /><br /> Thanks nordle but if i was that worried id simply stop the port on my router and stop sshd untill needed <img src="images/smiles/icon_smile.gif" alt="Smile" border="0" /> http://www.linuxformat.com/forums/viewtopic.php?p=8866#8866 RD Mon Sep 19, 2005 11:57 pm http://www.linuxformat.com/forums/viewtopic.php?p=8866#8866 http://www.linuxformat.com/forums/viewtopic.php?p=8862#8862 <br /> Author: <a href='http://www.linuxformat.com/forums/profile.php?mode=viewprofile&u=167'>nordle</a><br /><br /> Posted: Mon Sep 19, 2005 9:43 pm<br /><br /> <br /><br /> I don't know realistically how much extra security it gives, but you can change:<br /> <br /> 1. Only allow ssh version 2 connections<br /> 2. Change the AllowUsers section to only include an internal IP range<br /> 3. Change the default port number from 22<br /> <br /> As well as the key access, I have no idea if these are any good or not, just some notes I've got. http://www.linuxformat.com/forums/viewtopic.php?p=8862#8862 nordle Mon Sep 19, 2005 9:43 pm http://www.linuxformat.com/forums/viewtopic.php?p=8862#8862 http://www.linuxformat.com/forums/viewtopic.php?p=8854#8854 <br /> Author: <a href='http://www.linuxformat.com/forums/profile.php?mode=viewprofile&u=2319'>RD</a><br /><br /> Posted: Mon Sep 19, 2005 4:58 pm<br /><br /> <br /><br /> i have <img src="images/smiles/icon_smile.gif" alt="Smile" border="0" />, thanks any way just thought i would let ever one know maybe they can see if there system has been attacked like mine http://www.linuxformat.com/forums/viewtopic.php?p=8854#8854 RD Mon Sep 19, 2005 4:58 pm http://www.linuxformat.com/forums/viewtopic.php?p=8854#8854 http://www.linuxformat.com/forums/viewtopic.php?p=8852#8852 <br /> Author: <a href='http://www.linuxformat.com/forums/profile.php?mode=viewprofile&u=5'>nelz</a><br /><br /> Posted: Mon Sep 19, 2005 4:14 pm<br /><br /> <br /><br /> It happens all the time. the safest approach is to disable password logins to SSH, limiting it to key authorisations only. http://www.linuxformat.com/forums/viewtopic.php?p=8852#8852 nelz Mon Sep 19, 2005 4:14 pm http://www.linuxformat.com/forums/viewtopic.php?p=8852#8852 http://www.linuxformat.com/forums/viewtopic.php?p=8846#8846 <br /> Author: <a href='http://www.linuxformat.com/forums/profile.php?mode=viewprofile&u=2319'>RD</a><br /><br /> Posted: Mon Sep 19, 2005 1:28 pm<br /><br /> <br /><br /> Hi<br /> <br /> today i looked at my system logs (main auth.log) and found that there has been 6 ssh attempts on my computer <img src="images/smiles/icon_eek.gif" alt="Shocked" border="0" /> none of which have got in <img src="images/smiles/icon_biggrin.gif" alt="Very Happy" border="0" /> <br /> <br /> it would seem from the auth.log that they are using a dictionary mounted attack (god help them if there using John as that is use less still has not broken my password since LXF 71 was released). So im posting just to say check you auth.log see if there are any ssh connections to your box i dont know if these attacks are from a company/script kiddie or other http://www.linuxformat.com/forums/viewtopic.php?p=8846#8846 RD Mon Sep 19, 2005 1:28 pm http://www.linuxformat.com/forums/viewtopic.php?p=8846#8846