On Wed, Dec 24, 2014 at 11:18:36AM -0500, Jerry Stuckle wrote: > On 12/24/2014 2:01 AM, Danny wrote: > > Hi Bob, > > > > You were right, SFTP, FileZilla and Proftp confused the hell out of me ... lol > > ... I must add in my defense though that I was in a state of panic after syslog > > warned me of an attack by someone during the night via ssh ... So I frantically tried to > > make ssh and Proftp work together without reading the online guides properly ... > > > > Sometimes one does stupid things ... lol ... > > > > Thanks for everyone's input ... > > > > Danny > > > > Danny, > > As a side note - don't panic over SSH attacks. Instead, use the right > tools and techniques to secure your systems and let them do their jobs. > Monitor the server to ensure you didn't leave any holes. > > For instance, Fail2ban blocked over 100 IP's from accessing one of my > servers on yesterday alone. The attacks keep coming, but none have ever > succeeded. Not surprisingly, I mostly agree with the advice given here, we all learnt from the same sources. Nonetheless, since you claimed to be using puTTy for your ssh needs on windows, I should warn you that recently someone claimed to be able to use it as a means to compromise a ssh server: http://seclists.org/fulldisclosure/2014/Dec/42 I have not put it's claims to test, but since the last stable version of putty dates back one year http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html and since there seems to be no mention of this bug on putty bug tracking system http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ I guess you should deploy it at large, at least until it has been fixed. Good luck!
Attachment:
signature.asc
Description: Digital signature