|
|
Modify Remote Login server to block scripted attacks
I actually posted a hint a while back about using TCP wrappers to prevent unauthorized SSH access, while allowing for access from machines with dynamic IP addresses. It's here. Since then I've set up GeekTool to check my system log and display any intrusion attempts that have happened in the last hour. Believe me, there are a lot of them.
Out of curiosity I checked my system logs and found lots of stuff like this:
So, for what it's worth, it's refusing quite a few connections. I know that this sort of thing is not especially new and that we don't have much to fear from it, but that doesn't mean that we won't have anything to fear from the next SSH exploit. Better safe than sorry.
filter out IPv6 errors
You will see this type of error:
Feb 11 20:51:50 wfc xinetd[340]: service ssh, IPV6_ADDRFORM setsockopt() failed: Protocol not available (errno = 42)
If you have edited /etc/hostconfig and set IPV6=-YES- |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.14 seconds |
|