Re: how to find trace of attacks
Douglas A. Tutty wrote:
> On Wed, Dec 31, 2008 at 01:28:47PM +0100, Abdelkader Belahcene wrote:
>> I am simpler user on laptop, with ssh server running. Ther is no
>> important data on my laptop!!!
>
> Curious. Why any server running on a laptop? Do you limit the ssh to
> rsa/dsa or do you allow passwords? IOW, how have you hardened up the
> ssh server?
>
> Doug.
>
>
fail2ban
knockd
knocker
denyhosts
http://www.debian-administration.org/articles/187
http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts
Look over those..
Reply to: