
Re: [Fwd: security]



On Sat, 29 Jan 2005, smj@littleprojects.org wrote:
> There are a lot of SSH brute force attacking scripts out there right
> now.  I see them here at home and I see them try to get into the work
> machines all of the time.  A firewall will help you, but you will want
> to ensure that SSH is secured as well.

Yes. If you know the range of IPs you're likely to use, even something as
simple as tcpwrappers (/etc/hosts.allow, /etc/hosts.deny) will avoid a lot
of trouble for ssh.

And you really really should consider killing off all password authentication
from ssh altogether, and use only RSA/DSA-based auth.  That is supposed to
not be brute-forceable by anyone short of the kind of people who own black
helicopters, so it will get rid of the script-kiddies until the next ssh
security bug shows up.

As long as you protect the RSA/DSA keys properly, of course.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
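
Added example, not part of the original message: a small Python audit of the two measures the reply recommends (tcpwrappers limits for sshd, and no password logins). The function names and all file contents are constructed for illustration; it assumes an sshd linked against libwrap, skips Match blocks, and also checks keyboard-interactive auth, since that path can still prompt for a password.

```python
# Added example; every file body below is a constructed sample.
DEFAULTS = {"passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes"}
# Deprecated alias still found in older sshd_config files.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def effective_sshd(text):
    """Global settings; sshd uses the first value it reads for a keyword."""
    seen = {}
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key == "match":  # conditional blocks are not evaluated here
            break
        if len(parts) > 1:
            seen.setdefault(key, parts[1])
    return {**DEFAULTS, **seen}

def wrapper_clients(text, daemon="sshd"):
    """Client lists of hosts.allow/hosts.deny rules that apply to daemon."""
    hits = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and ":" in line:
            daemons, clients = (f.strip() for f in line.split(":")[:2])
            if {daemon, "ALL"} & set(daemons.replace(",", " ").split()):
                hits.append(clients)
    return hits

def audit(sshd_config, hosts_allow, hosts_deny):
    cfg, findings = effective_sshd(sshd_config), []
    for key in ("passwordauthentication", "kbdinteractiveauthentication"):
        if cfg[key] != "no":
            findings.append(f"{key} is effectively '{cfg[key]}'")
    if cfg["pubkeyauthentication"] != "yes":
        findings.append("pubkeyauthentication is off")
    allow = wrapper_clients(hosts_allow)
    if "ALL" not in wrapper_clients(hosts_deny):
        findings.append("hosts.deny lacks 'sshd: ALL'; unlisted clients pass")
    if not allow or "ALL" in allow:
        findings.append("hosts.allow does not limit sshd to known addresses")
    return findings

WEAK = "PasswordAuthentication yes\nPasswordAuthentication no\n"
HARD = ("PasswordAuthentication no\nChallengeResponseAuthentication no\n"
        "PubkeyAuthentication yes\n")
ALLOW = "sshd: 192.0.2.0/255.255.255.0\n"  # documentation address range
DENY = "sshd: ALL\n"
```

In the WEAK sample the later "no" has no effect because the earlier "yes" was read first, which is why the audit reports the effective value rather than the last line in the file.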


