Re: checking if my system is compromised
On Mon, Apr 09, 2007 at 09:31:41PM -0400, Kamaraju S Kusumanchi wrote:
> John L Fjellstad wrote:
> >
> > I usually enable the recent module in iptables, which means that you can
> > only login once every 1 minute or so. It usually give the attacker only
> > one try before they get shut down.
> Thanks for tip on iptables. iptables look a bit heavy for me (lot of reading
> to do). So currently I am using /etc/hosts.allow, /etc/hosts.deny for
> controlling the IPs which can ssh into this machine. If I find them
> inadequate, I will use iptables.
Have you tried shorewall? Its a very powerful firewall generator with
excellent docs.
Doug.
Reply to: