Re: Blocking ssh
They never found a valid account. I just saw them trying hard, and
was afraid they would actually find one that had shell access.
Actually, I don't remember them finding a real account of anyone on
the box (though I didn't do a point by point comparison). This was
more a preventive, just in case they did.
If I'm not understanding what you mean, please let me know. I doubt
this will be the last time I have to do this.
Rod
> From a security point of veiw that is actually a bad idea, as the
> people
> trying to connect will now immediatly know if the have found a valid
> account and can then work on finding the password for that account.
>
> R. W. Rodolico wrote:
>
>>No, just the fact that they did not get in. Example:
>>
>>Jun 13 08:30:38 stargazer sshd[11700]: Failed password for illegal
>>user testuser from ::ffff:69.0.78.35 port 50494 ssh2
>>Jun 13 08:30:42 stargazer sshd[11702]: Illegal user testuser from
>>::ffff:69.0.78.35
>>
>>Rod
>>
>>
>>P.S. I did change the port, but they found it again. However, I
>> have
>> set up ssh now where it rejects all but two accounts even before
>>attempting to authenticate.
>>
>>RWR
>>
>>
>>
>>>Ciao,
>>>
>>>I noticed that *BSD log in the syslog the attempted password
>>>too...is there
>>>a way to do the same on linux too ?
>>>
>>>--
>>>
>>>Bye Enrico - Windows gives you just a little piece of the horizon.
>>>Use Linux.
>>>
>>> e vederai color che son contenti
>>> nel foco, perche speran di venire
>>> quando che sia a le beate genti.
>>> -- Inferno, Canto I, vv.118-120
>>>
>>>
>>>--
>>>To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
>>>with a subject of "unsubscribe". Trouble? Contact
>>>listmaster@lists.debian.org
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
>
--
What is the use of a house if you haven't a tolerable planet to put
it on?
Thoreau
Reply to: