[CentOS] ssh security

Sat Jun 20 21:17:30 UTC 2009
fabian <fabian at baladia.gov.kw>

>
>
>> > [Normal log stuff from dictionary attack deleted...]
>>
>> This is common, and, presuming you have good passwords or only
>> accept authorized_keys, not a real problem other than large log
>> files.
>>
>> Look at fail2ban for a method that will automatically add
>> iptables blocks when this occurs.
>>
>
> yes fail2ban is very useful. but also good to change to a non standard
> port.
>
>
Thanks guys,

The problem was solved after using a non standard port for ssh.
but wht was confusing was that the secure logs of my mail server was
showing ssh logs
i passwordless login since backuppc needs it but using authorized keys

but wonder how it was gettin through my firewall

but also if i had to ssh from the outside network i could see the firewall
droppin my ssh request

quite confusing

any for about 24 hrs i dont hav any ssh messages in my mail server secure
logs


regrads


simon

>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.