Security Basics mailing list archives
Re: SSH server under attack...
From: Dave <dlaud.flux () gmail com>
Date: Tue, 24 Jan 2006 18:02:45 -0500
Bryan S. Sampsel wrote:
This sounds like a good idea. But I cant install portsentry on the router...which still can be scanned to find it's *open* ports. I think we are going to set up linux box as firewall using iptables and install portsentry etc...Off hand do you know if portsentry (or any other application that) will notify you in real time of any attempted intrusion via email?Set up portsentry on your box and configure it to drop packets from anyone port-scanning your box.
Right there keeps him from finding what you changed the port to. Then, change the port to some other number and restart both portsentry and sshd. I'd recommend a FreeBSD or Linux firewall in front of you that you can do this config with as your first line defense. Port Sentry is no longer maintained at its old home, but you can do a web search and find its new home easily enough. Good luck. Sincerely, Bryan S. Sampsel LibertyActivist.org
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- SSH server under attack... Dave (Jan 24)
- Message not available
- Re: SSH server under attack... Dave (Jan 25)
- Message not available
- Re: SSH server under attack... Josh Chaney (Jan 25)
- Re: SSH server under attack... Edward Krack (Jan 25)
- Re: SSH server under attack... Isaac Perez (Jan 25)
- Re: SSH server under attack... Juan Hernandez (Jan 29)
- Message not available
- Re: SSH server under attack... Dave (Jan 25)
- Re: SSH server under attack... Bryan S. Sampsel (Jan 26)
- Re: SSH server under attack... Dave (Jan 25)
- Re: SSH server under attack... Robert Larsen (Jan 25)
- Re: SSH server under attack... Ansgar -59cobalt- Wiechers (Jan 26)
- Re: SSH server under attack... Rembrandt (Jan 26)
- Re: SSH server under attack... Jason Mitchell (Jan 25)
- Re: SSH server under attack... Teemu A. (Jan 26)
- Re: SSH server under attack... ilaiy (Jan 25)
- RE: SSH server under attack... Matt Cunnane (Jan 26)
- Re: SSH server under attack... Frankie Li (Jan 26)
- Re: SSH server under attack... Matt Alexander (Jan 26)