|
|
Modify Remote Login server to block scripted attacks
Two more things that can only help are to use TCPwrappers and the IPFW firewall.
describes how to get TCPwrappers going.
is (uncrippled) shareware that is a nice GUI for IPFW:
One security hole I plugged is that I have to connect insecurely to a POP3 server that forced me to send that password in clear text. I made SSH tunnels to solve that problem and described that .
HTH someone. My SGIs would get broken into on a regular basis. OS X is more secure than Irix, but nothing is really secure. Thanks for posting this hint. Its importance cannot be over-stated.
Modify Remote Login server to block scripted attacks
I actually posted a hint a while back about using TCP wrappers to prevent unauthorized SSH access, while allowing for access from machines with dynamic IP addresses. It's here. Since then I've set up GeekTool to check my system log and display any intrusion attempts that have happened in the last hour. Believe me, there are a lot of them.
Out of curiosity I checked my system logs and found lots of stuff like this:
So, for what it's worth, it's refusing quite a few connections. I know that this sort of thing is not especially new and that we don't have much to fear from it, but that doesn't mean that we won't have anything to fear from the next SSH exploit. Better safe than sorry.
filter out IPv6 errors
You will see this type of error:
Feb 11 20:51:50 wfc xinetd[340]: service ssh, IPV6_ADDRFORM setsockopt() failed: Protocol not available (errno = 42)
If you have edited /etc/hostconfig and set IPV6=-YES-
Modify Remote Login server to block scripted attacks
you don't need to use a firewall to block certain hosts on ssh. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.14 seconds |
|