[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH attack

Jared Hall wrote:

It looks like I am being rooted right now.  How do I toss this guy off
of my system.  he has an IP address of

Please get back to me fast.  I took the compilers off of the system,
and it's only running dns... so there's no firewall or anything.  I
can't shut down ssh because that's my only connection to the system.



Some years ago, when I first set up an 'always on' internet connection,
I was plagued with hackers to the point that I could not even get
machines to install and connect to the net for long enough to update
anti-virus systems etc. As we have both windoze and linux boxes on the
network, we needed to cover both. Having tried several schemes, we
settled on Draytek routers, which come with excellent 'out of box '
defaults, and are very simple to setup and use. We now use NAT always,
to route network traffic to any box, as we see fit. If for instance I
need to set up a new debian box, I simply assign a local IP address like to the new debian installation, and if I neeed to be able
to access this box form the internet, I can use port redirection in the
draytek to point me to this box.  In about 6 years, we have never had a
hacker inflicted mess, and we now use these router/firewall boxes on all
networks which we support.  see www.draytek.com and look at 2600 and
2900 models.
have fun

Reply to: