Re: illegal user logon
I assumed iptables,
thanks for the reply.
Gavin.
On Sat, 2005-08-20 at 16:23 -0400, Christopher Browne wrote:
> On 8/20/05, Dr Gavin Seddon <gavin.m.seddon@man.ac.uk> wrote:
> > I have noticed in my log there has been people trying to logon to my
> > debian box. Is there any software available to stop this, or should I
> > use pam to restrict access?
>
> This isn't likely to have any answers where AMD64 is particularly relevant.
>
> In principle, you might try using ipchains/iptables to cease access to
> ports that access services that outsiders oughtn't access.
>
> If they are trying plain old ssh, and there's a lot of password
> guessing going on, you might consider configuring it to accept only
> ssh keys for authentication. That would doubtless add a certain
> inconvenience factor, but keep password guessing from being AT ALL
> effective as an attack...
Reply to: