Re: illegal user logon
On 8/20/05, Dr Gavin Seddon <gavin.m.seddon@man.ac.uk> wrote:
> I have noticed in my log there has been people trying to logon to my
> debian box. Is there any software available to stop this, or should I
> use pam to restrict access?
This isn't likely to have any answers where AMD64 is particularly relevant.
In principle, you might try using ipchains/iptables to cease access to
ports that access services that outsiders oughtn't access.
If they are trying plain old ssh, and there's a lot of password
guessing going on, you might consider configuring it to accept only
ssh keys for authentication. That would doubtless add a certain
inconvenience factor, but keep password guessing from being AT ALL
effective as an attack...
--
http://www3.sympatico.ca/cbbrowne/linux.html
"The true measure of a man is how he treats someone who can do him
absolutely no good." -- Samuel Johnson, lexicographer (1709-1784)
Reply to: