Re: On defense of the sshd crackers

To: debian-user@lists.debian.org
Subject: Re: On defense of the sshd crackers
From: "Steve Lamb" <grey@dmiyu.org>
Date: Tue, 9 Oct 2007 11:30:50 -0700 (PDT)
Message-id: <[🔎] 14898.206.159.183.75.1191954650.squirrel@www.dmiyu.org>

NOTE: flubbed and sent the initial reply directly to T o n g.  Resending to
the list for the archives.  My apologizes to T o n g for the CC in effect if
not in name.  ;)

T o n g wrote:
> I used to turn on my sshd just in case that I need to ssh back into my
box. But recently, I noticed that whenever I turn it on, almost instantly,
there will be a cracker attempting cracking into my sshd:

    Along with all the other excellent suggestions what I do on my machines
is firewall off the port to the public interfaces via shorewall.  Then I
found a portknock daemon and got it to open up the ssh port on a
specific knock sequence.  After all that I reopened the port to any IP
address I know I or authorized people will be coming from.

    So I am not deterred by the knock daemon but if I ever need to access
the machine from an IP other than those that are normally used I know the
knock sequence, know my username, know my password and know the port will be
close in a few seconds.  :)

    So if you absolutely need remote ip access via password from an unknown
source that might be an option you'll want to look into.

-- 
Steve Lamb



-- 
Steve Lamb

Reply to:

Follow-Ups:
- Re: On defense of the sshd crackers
  - From: Celejar <celejar@gmail.com>

Prev by Date: Re: Problems unmounting USB sticks under Gnome
Next by Date: Re: gnome alarm clock / egg timer?
Previous by thread: Re: On defense of the sshd crackers
Next by thread: Re: On defense of the sshd crackers
Index(es):
- Date
- Thread