Re: Securing SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I think the second I opened it every sorry monkey from around the world has been trying every account name imaginable to get into the system.

What's a good way to deal with this?

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

1. Change the default port
I could do that, but if they already know about it, a simple port scan and they'll probably find it again. Plus I gotta go tell all my client programs the new port and I don't know how to do that on most of them (what a hassle).

2. use only SSH protocol 2
got it.
3. Install some brute force protection which can automatically ban an IP on say 5 / 10 failed login attempts
The only software I know that could do this isn't supported anymore (trisentry) or is too confusing and I don't know it yet (snort). Suggestions?

4. ONLY allow SSH access from your IP, if it's static. Or signup for a DynDNS account, and then only allow SSH access from your DynDNS domain

Yeah my home account is on dynamic IP. I'd love to setup the firewall to only allow my home computer. You're talking about these guys? http://www.dyndns.com/ never used them before, but it looks like a good idea. Especially since it's free (for 5 hosts) if I read correctly.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux