[CentOS] duqu

Wed Dec 7 00:45:11 UTC 2011
Always Learning <centos at u61.u22.net>

On Tue, 2011-12-06 at 18:12 -0600, Les Mikesell wrote:

> I'd expect it to be at least typical to firewall direct ssh access
> from the internet.

A Linux newcomer, untrained and a self-learner, I made an abrupt
immersion into Linux on 1 June 2010. It was a steep learning curve.

The first thing I did was to make a 20-odd character password for Root
with lowercase, uppercase and digits (using my former address in
Germany).

The next thing I did was to change the default SSH port number AND
restrict access to 3 approved IP addresses only.

Anyone who leaves SSH on a default port open to any IP address is
stupid.

Anyone not wanting to allow SSH access into their machine should
consider:-

        chkconfig --list|grep ssh
        chkconfig sshd off
        service sshd stop
        
Long, not easy to guess and totally beyond the reach of dictionary
attacks, passwords for Root are absolutely essential. Security begins
with a minimum password length of 12 characters for ALL users.

Rootkits are another essential.

There is a real war on. No sensible person lies down and lets the enemy
walk all over them. Constant and widespread defence is vitally
important. Every day I see evidence of many hacked computers all around
the world. It persuades me to think many admins are simply incompetent -
they seem to use Windoze.

A professional qualification in basic server security would be a useful
attribute.

-- 
With best regards,

Paul.
England,
EU.
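
Added example, not part of the original message: a small audit for the two SSH settings the post describes, a non-default port and access limited to approved source addresses. Port 2222, the three documentation-range addresses and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample files below are constructed, not from a real host.

# Ports sshd listens on: every uncommented "Port" line, or 22 if none is set.
ssh_ports() {
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# $1 = sshd_config, $2 = rules in iptables-save format.
# Prints one FINDING line per problem; returns 1 if any was found.
# Limitation: only INPUT rules that name the port with --dport are examined.
audit_ssh_exposure() {
    status=0
    for port in $(ssh_ports "$1"); do
        if [ "$port" = 22 ]; then
            echo "FINDING: sshd listens on default port 22"; status=1
        fi
        open=$(awk -v p="$port" '
            /^-A INPUT/ && /-j ACCEPT/ {
                dport = 0; src = 0
                for (i = 1; i < NF; i++) {
                    if ($i == "--dport" && $(i + 1) == p) dport = 1
                    if ($i == "-s" || $i == "--source") src = 1
                }
                if (dport && !src) n++
            }
            END { print n + 0 }' "$2")
        if [ "$open" -gt 0 ]; then
            echo "FINDING: port $port accepted from any source address"; status=1
        fi
    done
    return $status
}

# Constructed samples: a stock-style setup and the restricted one from the post.
demo=$(mktemp -d)
printf '%s\n' '#Port 22' > "$demo/sshd_default"
printf '%s\n' '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' > "$demo/rules_default"
printf '%s\n' 'Port 2222' > "$demo/sshd_locked"
for ip in 192.0.2.10 198.51.100.7 203.0.113.25; do   # documentation addresses
    printf '%s\n' "-A INPUT -s $ip/32 -p tcp -m tcp --dport 2222 -j ACCEPT"
done > "$demo/rules_locked"

audit_ssh_exposure "$demo/sshd_default" "$demo/rules_default" || true
audit_ssh_exposure "$demo/sshd_locked" "$demo/rules_locked" && echo "OK: restricted"
```

On a real host the second argument would be a file holding the output of `iptables-save`, and the first `/etc/ssh/sshd_config`.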