[CentOS] I appear to be attacking others
James Gagnon
jamesg at nucleus.com
Tue Feb 7 01:46:28 UTC 2006
> The O'Reilly Linux Server Security book's a good read if you have at
> least a little Unix admin/user experience. It re-iterates a lot of the
> good advice that's been covered on the list about securing SSH by
> running on a non-standard port, only allowing key based auth and then
> only for a limited subset of users/groups.
> They also cover bastion firewalling. Essentially, anything internet
> facing (or security sensitive), even if behind another firewall, it's
> good practice to firewall to the hilt. The more layers the better.
> Secure your OS. Secure your apps. Secure your network. A lot of it's
> just common sense. Unless you're full time job is nothing but security
> and you can track all the current vulnerabilities and infer where the
> next ones will be just assume every thing's a risk and lock
> down/remove everything you don't absolutely require to mitigate the
> likelihood of getting owned.
> Link-wise, I'd say the more you read the better.
> http://www.google.co.uk/search?hl=en&q=hardening+linux&btnG=Search&meta=
> http://www.google.co.uk/search?hl=en&q=hardening+redhat&btnG=Search&meta=
> Start with those. :)
> Bear in mind, if you're messing with stuff you're not sure about, use
> a test machine/have backups/make sure you can reinstall from scratch
> if you break somethign or get burned somehow.
> Will.
Thanks Will. One thing I have always done with SSH is run it on a
non-default port. Its funny I left it on 22 once and watched the log
reports every morning in my email for a few days and the amount of people
trying to login as the root user was amazing... the report was 40-50 lines
longer than normal just from all the attempts... I then chose a port over
10000 as they say most port scanners usually scan port 1-10000. Once I did
that I have not seen one attempt to try and access root through SSH or any
user for that matter. Good tip though... =)
And yeah I always have a test machine for breaking stuff on... I think thats
how I have learnt most of what I know about linux is breaking it and
re-installing it many many times ;)
Thanks for the info, very much appreciated... Gonna check out EBAY for that
book and check out those links so I have some reading to do.. thanks again!
James
More information about the CentOS
mailing list