Re: Security basics

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2007-10-03 at 19:13 -0700, Tod Merley wrote:
> Hi Patrick and all!
> 
> Someday, Lord willing, I would like to set up a lot of standard ports
> to go to a "honey pot - virtual area" on my systems.  I would love to
> be able to let the attacker do his thing in a safe environment which
> allows me to gather all the information about him and his ways that I
> can.
> 
> Then, I would love to be able to automatically report all of this good
> information to the security community almost as fast as it occurs.
> The thought of some agents knocking on the attacker's door as he
> continues an attack makes me smile.
> 
> To a great future fellows!
> 
> Tod
> 
> On 10/3/07, Patrick <flymooney@xxxxxxxxx> wrote:
> > Steve Siegfried wrote:
> >
> > > Changing ports for ssh isn't actually that hot of an idea.  Most port scanners
> > > can detect ssh implementations since they normally self-identify.  For example,
> > > if you're running ssh on the normal port (22), try executing:
> > >       /usr/bin/telnet YOUR.HOST.IP.ADDR 22
> > > and see what pops out.
> > >
> > > Hope this helps'idly,
> > >
> > > -S
> >
> >   Changing SSH ports on my server yielded a 100% drop (yes...100%) in
> > routine script attacks. I still have the usual people checking for
> > phpMyAdmin stuff as well as the others, but nothing comes through on SSH
> > now. And yes, when I did it I heard the whole "security through
> > obscurity is not security" BS but the results cannot be argued with. In
> > summation, CHANGE YOUR SSH PORT. It will work and cut down if not
> > eliminate the script kiddies. Then when someone really starts knocking
> > on your SSH door, it will not be lost in all of the "noise" from the
> > scripters.
> >
> > Patrick
> >
> >
> > --
> > fedora-list mailing list
> > fedora-list@xxxxxxxxxx
> > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> >
> 


http://project.honeynet.org/  :)


Calin

=================================================
"Nuclear war would really set back cable." - Ted Turner

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux