[CentOS] Securing SSH
Tim Alberts
talberts at msiscales.com
Tue Mar 25 17:18:19 UTC 2008
Rudi Ahlers wrote:
> Tim Alberts wrote:
>> So I set up ssh on a server so I could do some work from home and I
>> think the second I opened it every sorry monkey from around the world
>> has been trying every account name imaginable to get into the system.
>>
>> What's a good way to deal with this?
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
> 1. Change the default port
I could do that, but if they already know about it, a simple port scan
and they'll probably find it again. Plus I gotta go tell all my client
programs the new port and I don't know how to do that on most of them
(what a hassle).
> 2. use only SSH protocol 2
got it.
> 3. Install some brute force protection which can automatically ban an
> IP on say 5 / 10 failed login attempts
The only software I know that could do this isn't supported anymore
(trisentry) or is too confusing and I don't know it yet (snort).
Suggestions?
> 4. ONLY allow SSH access from your IP, if it's static. Or sign up for a
> DynDNS account, and then only allow SSH access from your DynDNS domain
>
Yeah my home account is on dynamic IP. I'd love to set up the firewall
to only allow my home computer. You're talking about these guys?
http://www.dyndns.com/ never used them before, but it looks like a good
idea. Especially since it's free (for 5 hosts) if I read correctly.
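
The ban rule from item 3 (block an IP after 5 failed logins), combined with an allowlist for a trusted home address as in item 4, sketched as an added example that is not part of the original message or of any tool named in it. It assumes OpenSSH's syslog "Failed password" line format; the function name, the 10-minute window and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches OpenSSH "Failed password" syslog lines, with or without "invalid user".
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def ips_to_ban(lines, max_failures=5, window=timedelta(minutes=10),
               allowlist=frozenset(), year=2008):
    """Return {ip: time the threshold was crossed} for sources with
    max_failures failed logins inside one sliding window."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    banned = {}
    for line in lines:
        m = FAILED.match(line)
        if not m or m["ip"] in allowlist or m["ip"] in banned:
            continue
        # syslog timestamps carry no year, so the caller supplies one
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(when)
        while when - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures:
            banned[m["ip"]] = when
    return banned

# Constructed sample log lines (documentation addresses, not real traffic):
# one slow source (one failure per hour), one burst, one successful login.
SAMPLE = (
    [f"Mar 25 {h:02d}:30:00 srv sshd[2102]: Failed password for root "
     f"from 198.51.100.20 port 51000 ssh2" for h in range(10, 15)]
    + [f"Mar 25 17:00:{s:02d} srv sshd[2101]: Failed password for invalid "
       f"user {u} from 203.0.113.7 port 4{s:04d} ssh2"
       for s, u in enumerate(["admin", "test", "oracle", "guest", "ftp"])]
    + ["Mar 25 17:05:00 srv sshd[2103]: Accepted password for tim "
       "from 192.0.2.10 port 52000 ssh2"]
)

if __name__ == "__main__":
    for ip, when in ips_to_ban(SAMPLE).items():
        print(f"ban {ip} (threshold crossed at {when})")
```

Only the burst source crosses the threshold; the source that fails once an hour never accumulates five failures inside the window, which is the kind of slow guessing a count-based ban does not stop.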