Re: SSH attack

To: Marty <martyb@ix.netcom.com>
Cc: debian list <debian-user@lists.debian.org>
Subject: Re: SSH attack
From: Alvin Oga <aoga@mail.Linux-Consulting.com>
Date: Mon, 10 Oct 2005 21:23:13 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.3.96.1051010211919.18924A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 434B35F3.3040508@ix.netcom.com>

On Mon, 10 Oct 2005, Marty wrote:

> > simple test ... 
> > ( use your positive or negative logic equivalents for these files )
> > 
> > /etc/hosts.deny
> > 	ALL : ALL
> 
> I'm not sure that will work with the manpage example I gave.

works for me ... no services coming in that is not supposed to

> > you'll find that you will need to have
> > 
> > /etc/hosts.allow
> > 	sshd : 192.168.123.456
> > 
> > restart the inetd or sshd as needed
> 
> Don't forget to add your ssh entry in /etc/inetd.conf.

everything is turned off, sshd is NOT listed in inetd.conf or xinetd.conf
whichever one is being used .. and similarly for the [x]inetd daemon
itself
	- sshd does its own magic based on the allow/deny entries

--------

grep whatever you like from the gazillion log files for ssh this and ssh
that

c ya
alvin

Reply to:

Follow-Ups:
- Re: SSH attack
  - From: Marty <martyb@ix.netcom.com>

References:
- Re: SSH attack
  - From: Marty <martyb@ix.netcom.com>

Prev by Date: Re: Laptop clock is localtime, system time is off
Next by Date: Re: shared Debian hosting
Previous by thread: Re: SSH attack
Next by thread: Re: SSH attack
Index(es):
- Date
- Thread