[CentOS] I appear to be attacking others
Chris Mauritz
chrism at imntv.com
Tue Feb 7 17:52:39 UTC 2006
John Hinton wrote:
> sophana wrote:
>
>> using denyhosts is sufficient for me. After several password
>> attempts, it simply disables the ip address.
>> I now have 133 denied ips in /etc/hosts.deny
>> Of course, you have to make sure that you don't use simple passwords
>>
> I find it easier to deny all and then allow the very few who actually
> use ssh. But, this can get you into trouble if you suddenly find you
> need to shell in when out of town. A backdoor somewhere is a good idea!
Just be careful. I was in China last month and had a server in NYC that
needed some minor surgery. I ssh'ed in and spent about 10 minutes
fixing things. Even though this machine is running ssh on a
non-standard port, within MINUTES that port (and only that port) was
being probed from inside China. And I was connecting from a 5 star
hotel in Beijing (not some Internet cafe). The world is truly becoming
a dangerous place in terms of computer security.
Cheers,
More information about the CentOS
mailing list