[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Recommended Web Server Ports Open?

I have a Newbe question here:
 
I am running a small website on my home computer for my Blog and a few other Web Pages (Dynamic DNS) 8080
 
I sometimes use the same computer to surf.
 
Is there a recommended Lockdown that will allow the safest use of my Debian Sarge box on the Net?
 
I know I have not been very smart on this matter, but the last few Logcheck emails have me worried a little.
 
I don't keep important information on my computer, but I don't want many interuptions to my Website.
 
I am currently moving the the data from a hard drive that crashes every night (many failing inodes every day).
 
Anyone recommend a good HOWTO on moving one complete hard drive to another, that would be helpful too.
 
The specific TAR "backup" and "restore" commands for a 6 GIG Box would also be nice.
 
I expect a little cold criticism, I can take it.
 
thanks much,
 
Fred OGrady
 
<snip>
This email is sent by logcheck. If you wish to no-longer receive it,
you can either deinstall the logcheck package or modify its
configuration file (/etc/logcheck/logcheck.conf).

Security Events
=-=-=-=-=-=-=-=
Aug  5 14:02:05 resco sshd[19651]: Failed password for illegal user shell from 140.122.110. 9 port 3333 ssh2
Aug  5 14:02:08 resco sshd[19856]: Failed password for illegal user linux from 140.122.110.9 port 3464 ssh2
Aug  5 14:02:10 resco sshd[19990]: Failed password for illegal user unix from 140.122.110.9 port 3618 ssh2
Aug  5 14:02:12 resco sshd[19992]: Illegal user webadmin from 140.122.110.9
Aug  5 14:02:12 resco sshd[19992]: Failed password for illegal user webadmin from 140.122.110.9 port 3737 ssh2
Aug  5 14:02:15 resco sshd[19994]: Failed password for illegal user ftp from 140.122.110.9 port 3859 ssh2
Aug  5 14:02:17 resco sshd[19996]: Failed password for illegal user test from 140.122.110.9 port 3973 ssh2
Aug  5 14:02:19 resco sshd[19998]: Failed password for root from 140.122.110.9 port 4092 ssh2
Aug  5 14:02:21 resco sshd[20000]: Illegal user admin from 140.122.110.9
Aug  5 14:02:21 resco sshd[20000]: Failed password for illegal user admin from 140.122.110.9 port 4204 ssh2
Aug  5 14:02:24 resco sshd[20002]: Failed password for illegal user guest from 140.122.110.9 port 4314 ssh2
Aug  5 14:02:27 resco sshd[20004]: Failed password for illegal user master from 140.122.110.9 port 4460 ssh2
Aug  5 14:02:30 resco sshd[20006]: Failed password for illegal user apache from 140.122.110.9 port 4579 ssh2
Aug  5 14:02:32 resco sshd[20008]: Failed password for root from 140.122.110.9 port 4723 ssh2
Aug  5 14:02:34 resco sshd[20010]: Failed password for root from 140.122.110.9 port 4828 ssh2
Aug  5 14:02:40 resco sshd[20012]: Failed password for illegal user network from 140.122.110.9 port 4938 ssh2
Aug  5 14:02:42 resco sshd[20014]: Failed password for illegal user word from 140.122.110.9 port 1240 ssh2
Aug  5 14:02:44 resco sshd[20018]: Failed password for root from 140.122.110.9 port 1347 ssh2
Aug  5 14:02:48 resco sshd[20020]: Failed password for root from 140.122.110.9 port 1456 ssh2
Aug  5 14:02:52 resco sshd[20023]: Failed password for root from 140.122.110.9 port 1650 ssh2
Aug  5 14:02:58 resco sshd[20025]: Failed password for root from 140.122.110.9 port 1851 ssh2
Aug  5 14:03:00 resco sshd[20027]: Failed password for root from 140.122.110.9 port 2125 ssh2
--
 
(on to infinity)
<snip>

Fred OGrady
 
Reply to: