[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH attack

On (07/10/05 17:38), Del Boy wrote:
> >It looks like I am being rooted right now.  How do I toss this guy off
> >of my system.  he has an IP address of
> >
> >Please get back to me fast.  I took the compilers off of the system,
> >and it's only running dns... so there's no firewall or anything.  I
> >can't shut down ssh because that's my only connection to the system.
> >
> Some years ago, when I first set up an 'always on' internet connection,
> I was plagued with hackers to the point that I could not even get
> machines to install and connect to the net for long enough to update
> anti-virus systems etc. As we have both windoze and linux boxes on the
> network, we needed to cover both. Having tried several schemes, we
> settled on Draytek routers, which come with excellent 'out of box '
> defaults, and are very simple to setup and use. We now use NAT always,
> to route network traffic to any box, as we see fit. If for instance I
> need to set up a new debian box, I simply assign a local IP address like
> to the new debian installation, and if I neeed to be able
> to access this box form the internet, I can use port redirection in the
> draytek to point me to this box.  In about 6 years, we have never had a
> hacker inflicted mess, and we now use these router/firewall boxes on all
> networks which we support.  see www.draytek.com and look at 2600 and
> 2900 models.

I agree. We've been using these for sometime.  In addition the 2600 (and
possibly 2900) provides VPN, which means you can avoid NAT and ssh via
an IPSec VPN connection.



www.clivemenzies.co.uk ...
...strategies for business

Reply to: