Re: intrusion via ssh

To: debian-user@lists.debian.org
Subject: Re: intrusion via ssh
From: Jiann-Ming Su <sujiannming@gmail.com>
Date: Fri, 1 Apr 2005 21:58:47 -0500
Message-id: <[🔎] 561dc326050401185879f99096@mail.gmail.com>
Reply-to: Jiann-Ming Su <sujiannming@gmail.com>
In-reply-to: <dbe71fb505033102556b1dc9d4@mail.gmail.com>
References: <dbe71fb505033102556b1dc9d4@mail.gmail.com>

On Mar 31, 2005 5:55 AM, Frederic Guillet <fguillet@gmail.com> wrote:
> 
> I have about 500 attemps with different usernames and the same IP so i
> guess it is a robot which is trying to enter my system.
> 
> the pb with such log is that it does not say if the user has succeeded
> to enter the machine or if the attempt has failed.
> 
> any config advice or tutorial are welcome.
>

1.  Limit access to port 22 with iptables.
2.  Enable RSA keys and disable password authentication for sshd. 

-- 
Jiann-Ming Su
"I have to decide between two equally frightening options. 
 If I wanted to do that, I'd vote." --Duckman

Reply to:

Prev by Date: Re: intrusion via ssh
Next by Date: Re: Vigilanteism [was: Re: Re: intrusion via ssh]
Previous by thread: Re: intrusion via ssh
Next by thread: Re: intrusion via ssh
Index(es):
- Date
- Thread