Re: Ideas for stopping ssh brute force attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Jul 21, 2008 at 4:08 PM, Lanny Marcus <lmmailinglists@xxxxxxxxx> wrote:
> On Mon, Jul 21, 2008 at 3:43 PM, Bo Lynch <blynch@xxxxxxxxxxxxxxxxx> wrote:
>> just wanted to get some feedback from the community. Over the last few
>> days I have noticed my web server and email box have attempted to ssh'd to
>> using weird names like admin,appuser,nobody,etc.... None of these are
>> valid users. I know that I can block sshd all together with iptables but
>> that will not work for us. I did a little research on google and found
>> programs like sshguard and sshdfilter. Just wanted to know if anyone had
>> any experience with anything like these programs or have any other advice.
>> I really appreciate it.
>
> Possibly begin by not allowing root access. Don't use passwords, use keys.
>
> http://wiki.centos.org/TipsAndTricks/SshTips/SshKeyAuthentication

The above link is mostly dead. The data isn't there yet.

http://wiki.centos.org/TipsAndTricks/BecomingRoot

if you can sudo into your servers, that might help.

Also, use a different port. Many ways to skin a cat.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux