1. SSH. Deny
root access setting "no" in PermitRootLogin option in sshd_config
file
2. SSH. Change default port
3. OS Update. Keep debian Updated.
4. Install fail2ban
5. ....
De: Nicolas Carusso [mailto:ncarusso@hotmail.com]
Enviado el: jueves, 29 de diciembre de 2011 12:37
Para: serge.dewailly@openevents.fr; debian-security@lists.debian.org
Asunto: RE: need help with openssh attack
How
about creating a Referense list with all the suggestions that we are doing?
If all of you agree, Let's start now.
SECURITY LIST
******************
1. SSH. Deny root access setting "no" in PermitRootLogin option in
sshd_config file
2. SSH. Change default port
3. OS Update. Keep debian Updated.
4....
> Date: Thu, 29 Dec 2011 16:16:45
+0100
> From: serge.dewailly@openevents.fr
> To: debian-security@lists.debian.org
> Subject: Re: need help with openssh attack
>
> Hi,
>
> To prevent brute-force attack, you can also use the package named
> "fail2ban" which does not need lots of configuration or tweeking
in many
> situation.
>
> --
> Serge Dewailly - Administrateur Système
>
>
> Le 29/12/11 15:04, Taz a écrit :
> > Hello, we've got various debian servers, about 15, with different
> > versions. All of them have been attacked today and granted root
> > access.
> > Can anybody help? We can give ssh access to attacked machine, it
seems
> > to be serious ssh vulnerability.
> >
> > How can i contact openssh mnt?
> >
> > Thank you.
> >
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
> Archive: http://lists.debian.org/[🔎] 4EFC845D.7000608@openevents.fr
>