Re: SSH mediante no-ip

To: debian-user-spanish@lists.debian.org
Subject: Re: SSH mediante no-ip
From: Juan Sierra Pons <juan@elsotanillo.net>
Date: Thu, 22 Dec 2011 19:39:23 +0100
Message-id: <[🔎] CABS=y9vUUZkxUGBtPpYLyprEbVRY8RVtkuPgt2eoMNYM4NEtAA@mail.gmail.com>
In-reply-to: <[🔎] BLU0-SMTP187F0118E0BE1EC8FFCC97EB1AA0@phx.gbl>
References: <[🔎] CAL0xakA8H7TJ588PkdE5B666sU6xrJ3h0_1y9Tc05ERKObvNoQ@mail.gmail.com> <[🔎] BLU0-SMTP187F0118E0BE1EC8FFCC97EB1AA0@phx.gbl>

2011/12/22 jmramirez (mas_ke_na) <mas_ke_na@hotmail.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> rantis cares escribió:
>> ssh -p 22 usuario@burrito.zapto.org
>
> Buenas...
>
>        Por cierto, dos cosas. Si el puerto es el de por defecto (22) no tienes
> que poner el -p ( tampoco pasa nada porque este puesto)
>
>        Cambia YA ese puerto ( aunque solo sea en el nat en el router) para
> tener "seguridad por oscuridad" [1]. Te lo digo porque al puerto 22
> suelen atacarlo demasiado.
>
> Un saludo
>
> [1] http://es.wikipedia.org/wiki/Seguridad_por_oscuridad
>
> - --
> "Si los tontos volaran, el cielo se oscurecería"
>
> No me envié correos en formatos propietarios
> http://www.gnu.org/philosophy/no-word-attachments.es.html
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJO83cAAAoJEOWNzQnqy+fz2lMH/35L2x0eyK5eDbpuKOM/S0hh
> HZokr9vnCLCyWHHUmjT5EHjPdP1IEbbQOiQK/iCcJ/gu99jcOZ3DwinUR+cVR/D2
> AQKd7MBPW9axZ8AVgaY8UhB8KhFQiveyz7QEmvDCOYyf1pNDlMT49vHoGMiK+ww4
> iEhsci3H0t3BFisGcIf1e4gmulP3nleybQm6v5/s3w84qpFAMSYgeqEp6Qg4Mh4N
> +km9avB8/gYIpwSRUh+cnurQQ2uju1aoiI32qPahS+GLOHdL6WcEXZlAxPbjxiMr
> yNAlqfkPMhYpy2/aMzQgdc7bWNCGfFTH6Y3CxXn+Hsfb3mgHtQiEf5LUmaIGIK8=
> =w9B0
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] BLU0-SMTP187F0118E0BE1EC8FFCC97EB1AA0@phx.gbl">http://lists.debian.org/[🔎] BLU0-SMTP187F0118E0BE1EC8FFCC97EB1AA0@phx.gbl
>
Hola otra vez,

A raíz del comentario de jmramirez, también instalaría el paquete fail2ban

Descripción: ban hosts that cause multiple authentication errors
 Fail2ban monitors log files (e.g. /var/log/auth.log,
/var/log/apache/access.log) and temporarily or persistently bans
failure-prone addresses by updating existing firewall rules.  Fail2ban
 allows easy specification of different actions to be taken such as to
ban an IP using iptables or hostsdeny rules, or simply to send a
notification email.

 By default, it comes with filter expressions for various services
(sshd, apache, qmail, proftpd, sasl etc.) but configuration can be
easily extended for monitoring any other text file.  All
 filters and actions are given in the config files, thus fail2ban can
be adopted to be used with a variety of files and firewalls.
Página principal: http://www.fail2ban.org

Te quitaras un montón de problemas con los ataques de fuerza bruta ;-P

Salu2

--------------------------------------------------------------------------------------
Juan Sierra Pons                                 juan@elsotanillo.net
Linux User Registered: #257202       http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--------------------------------------------------------------------------------------

Reply to:

References:
- SSH mediante no-ip
  - From: rantis cares <rantiscares@gmail.com>
- Re: SSH mediante no-ip
  - From: "jmramirez (mas_ke_na)" <mas_ke_na@hotmail.com>

Prev by Date: Re: Convertir swf a flv
Next by Date: Re: [OT] Licencia Oracle Database Firewall
Previous by thread: Re: SSH mediante no-ip
Next by thread: Convertir swf a flv
Index(es):
- Date
- Thread