Re: [Fwd: security]
On Sun, Jan 30, 2005 at 10:49:54AM -0200, Henrique de Moraes Holschuh wrote:
> On Sat, 29 Jan 2005, smj@littleprojects.org wrote:
> > There are a lot of SSH brute force attacking scripts out there right
> > now. I see them here at home and I see them try to get into the work
> > machines all of the time. A firewall will help you, but you will want
> > to ensure that SSH is secured as well.
>
> Yes. If you know the range of IPs you're likely to use, even something as
> simple as tcpwrappers (/etc/hosts.allow, /etc/hosts.deny) will avoid a lot
> of trouble for ssh.
I personally use a dyndns service to pre-authenticate access to a (not
only) ssh service. This is implemented by the tinydyndns project, and
the ipsvd package, which can check a client's IP address against IPs one
or more dns names resolve to at the time the client tries to connect.
Regards, Gerrit.
--
Open projects at http://smarden.org/pape/.
Reply to: