Re: checking if my system is compromised

To: debian-user@lists.debian.org
Subject: Re: checking if my system is compromised
From: Douglas Allan Tutty <dtutty@porchlight.ca>
Date: Mon, 9 Apr 2007 21:39:57 -0400
Message-id: <[🔎] 20070410013957.GA15565@titan>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] evepdk$m1p$1@sea.gmane.org>
References: <[🔎] 1175985214.46181c3ea89d4@mail.bluebottle.com> <[🔎] 1175996482.4618484244ca7@mail.bluebottle.com> <[🔎] 87fy7b2c44.fsf@fjellstad.org> <[🔎] evepdk$m1p$1@sea.gmane.org>

On Mon, Apr 09, 2007 at 09:31:41PM -0400, Kamaraju S Kusumanchi wrote:
> John L Fjellstad wrote:
> > 
> > I usually enable the recent module in iptables, which means that you can
> > only login once every 1 minute or so.  It usually give the attacker only
> > one try before they get shut down.
 
> Thanks for tip on iptables. iptables look a bit heavy for me (lot of reading
> to do). So currently I am using /etc/hosts.allow, /etc/hosts.deny for
> controlling the IPs which can ssh into this machine. If I find them
> inadequate, I will use iptables.

Have you tried shorewall?  Its a very powerful firewall generator with
excellent docs.

Doug.

Reply to:

References:
- checking if my system is compromised
  - From: Kamaraju Kusumanchi <kamaraju@bluebottle.com>
- Re: checking if my system is compromised
  - From: Kamaraju Kusumanchi <kamaraju@bluebottle.com>
- Re: checking if my system is compromised
  - From: John L Fjellstad <john-debian@fjellstad.org>
- Re: checking if my system is compromised
  - From: Kamaraju S Kusumanchi <kamaraju@bluebottle.com>

Prev by Date: Re: checking if my system is compromised
Next by Date: Re: ssh setup: what is the Debian way? [not what I asked for, but OK ]
Previous by thread: Re: checking if my system is compromised
Next by thread: Re: checking if my system is compromised
Index(es):
- Date
- Thread