Re: ssh security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Jun 19, 2009, Cisco-Education wrote:
>Dear All,
>
>I have the following setup running perfectly OK for a long time
>
>CentOS release 5 (Final)
>sendmail-8.13.8-2.el5
>MailScanner 4.76.25
>bind-9.3.4-6.0.3.P1.el5_2
>
>now i jus setup a centos box running BackupPC for backing up my my above
>mail server using ssh as per the instructions in backup pc site
>i had to enable sshd so i did it and
>everthing works perfect and backup works great as per my requirement
>
>but i notice that when i do a
>
>tail -f /var/log/secure
>
>i see the followin very often

[Normal log stuff from dictionary attack deleted...]

This is common, and, presuming you have good passwords or only
accept authorized_keys, not a real problem other than large log
files.

Look at fail2ban for a method that will automatically add
iptables blocks when this occurs.

Bill
-- 
INTERNET:   bill@xxxxxxxxxxxxx  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

"I ask, sir, what is the militia? It is the whole people. To disarm the
people is the best and most effectual way to enslave them."-- George Mason
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux