On 12/1/06, centos at 911networks.com <centos at 911networks.com> wrote: > On Fri, 1 Dec 2006 08:51:02 -0500 > Steve Huff <shuff at vecna.org> wrote: > > > let me add another suggestion to the flood: once you've rebuilt > > the box, install DenyHosts (http://denyhosts.sourceforge.net/). > > this tool is quite effective at blocking brute-force ssh attacks; > > not only will this make it much harder for an attacker even if you > > should happen to set a weak password on an account in the future, > > but it will also reduce the amount of CPU time and memory wasted on > > dealing with brute-force ssh attacks. > > http://www.bastille-linux.org/ > > Bastille is an interactive program that will guide you on how to > lock-down your boxes. They even have an OsX beta version. > > It goes into even more area than was mentioned by the others. It asks > you questions with very extensive explanations and then will apply > the changes for you at the end. > Be very very careful with Bastille. Read the documentation first and realize that you may lock yourself out of your system etc. In the last year I have had to walk over 20 people on how to boot from a cdrom, remount, try to undo the Bastille changes, and get the box in a working state. -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"