Re: illegal user logon
On 8/20/05, Dr Gavin Seddon <firstname.lastname@example.org> wrote:
> I have noticed in my log there has been people trying to logon to my
> debian box. Is there any software available to stop this, or should I
> use pam to restrict access?
This isn't likely to have any answers where AMD64 is particularly relevant.
In principle, you might try using ipchains/iptables to cease access to
ports that access services that outsiders oughtn't access.
If they are trying plain old ssh, and there's a lot of password
guessing going on, you might consider configuring it to accept only
ssh keys for authentication. That would doubtless add a certain
inconvenience factor, but keep password guessing from being AT ALL
effective as an attack...
"The true measure of a man is how he treats someone who can do him
absolutely no good." -- Samuel Johnson, lexicographer (1709-1784)