Richard87 Skrevet 6. september 2006 Del Skrevet 6. september 2006 Hei, jeg sliter litt med hacke angrep. De siste dagene har mange forskjellige IP'addresser prøvd og knekke passordet mitt og logge seg på pc'en min, er det noen som vett hvordan jeg automatisk kan legge til ip som prøver og logge seg på pc'en mange ganger, med forskjellige bruker navn til hosts.deny filen? btw, er helt ny i linux., og kjører Fedora Core 5.. dessuten, her er syslogen over de siste dagene... cat /var/log/secure | grep "Invalid user " Sep 3 14:04:39 26 sshd[6629]: Invalid user admin from 221.148.65.30Sep 3 14:04:44 26 sshd[6633]: Invalid user test from 221.148.65.30 Sep 3 14:04:49 26 sshd[6641]: Invalid user guest from 221.148.65.30 Sep 3 14:04:53 26 sshd[6656]: Invalid user webmaster from 221.148.65.30 Sep 3 14:05:08 26 sshd[6664]: Invalid user oracle from 221.148.65.30 Sep 3 14:05:12 26 sshd[6667]: Invalid user library from 221.148.65.30 Sep 3 14:05:17 26 sshd[6671]: Invalid user info from 221.148.65.30 Sep 3 14:05:21 26 sshd[6674]: Invalid user shell from 221.148.65.30 Sep 3 14:05:27 26 sshd[6677]: Invalid user linux from 221.148.65.30 Sep 3 14:05:32 26 sshd[6682]: Invalid user unix from 221.148.65.30 Sep 3 15:50:20 26 sshd[8384]: Invalid user test from 220.196.42.174 Sep 3 15:50:29 26 sshd[8388]: Invalid user guest from 220.196.42.174 Sep 3 15:50:36 26 sshd[8392]: Invalid user admin from 220.196.42.174 Sep 3 15:50:44 26 sshd[8395]: Invalid user admin from 220.196.42.174 Sep 3 15:50:51 26 sshd[8401]: Invalid user user from 220.196.42.174 Sep 3 15:51:20 26 sshd[8417]: Invalid user test from 220.196.42.174 Sep 3 21:36:12 26 sshd[12367]: Invalid user network from 61.148.83.72 Sep 3 21:36:24 26 sshd[12373]: Invalid user pgsql from 61.148.83.72 Sep 3 21:36:48 26 sshd[12392]: Invalid user liviu from 61.148.83.72 Sep 3 21:36:53 26 sshd[12396]: Invalid user liviu from 61.148.83.72 Sep 3 21:36:59 26 sshd[12399]: Invalid user sanda from 61.148.83.72 Sep 3 21:37:18 26 sshd[12413]: Invalid user password from 61.148.83.72 Sep 3 21:37:29 26 sshd[12425]: Invalid user user from 61.148.83.72 Sep 3 21:37:42 26 sshd[12431]: Invalid user master from 61.148.83.72 Sep 3 21:37:54 26 sshd[12437]: Invalid user master from 61.148.83.72 Sep 3 21:37:59 26 sshd[12440]: Invalid user fluffy from 61.148.83.72 Sep 3 21:38:11 26 sshd[12446]: Invalid user fluffy from 61.148.83.72 Sep 3 21:38:18 26 sshd[12449]: Invalid user admin from 61.148.83.72 Sep 3 21:38:23 26 sshd[12453]: Invalid user test from 61.148.83.72 Sep 3 21:38:29 26 sshd[12456]: Invalid user guest from 61.148.83.72 Sep 3 21:38:36 26 sshd[12460]: Invalid user webmaster from 61.148.83.72 Sep 3 21:38:47 26 sshd[12465]: Invalid user oracle from 61.148.83.72 Sep 3 21:38:53 26 sshd[12472]: Invalid user library from 61.148.83.72 Sep 3 21:39:00 26 sshd[12487]: Invalid user info from 61.148.83.72 Sep 3 21:39:06 26 sshd[12507]: Invalid user shell from 61.148.83.72 Sep 3 21:39:12 26 sshd[12520]: Invalid user linux from 61.148.83.72 Sep 3 21:39:18 26 sshd[12526]: Invalid user unix from 61.148.83.72 Sep 3 21:39:25 26 sshd[12530]: Invalid user webadmin from 61.148.83.72 Sep 3 21:39:36 26 sshd[12536]: Invalid user test from 61.148.83.72 Sep 3 21:39:49 26 sshd[12549]: Invalid user admin from 61.148.83.72 Sep 3 21:39:55 26 sshd[12555]: Invalid user guest from 61.148.83.72 Sep 3 21:40:01 26 sshd[12561]: Invalid user master from 61.148.83.72 Sep 3 21:40:27 26 sshd[12588]: Invalid user network from 61.148.83.72 Sep 3 21:40:33 26 sshd[12591]: Invalid user word from 61.148.83.72 Sep 3 21:42:00 26 sshd[12703]: Invalid user admin from 61.148.83.72 Sep 3 21:42:05 26 sshd[12706]: Invalid user admin from 61.148.83.72 Sep 3 21:42:11 26 sshd[12710]: Invalid user admin from 61.148.83.72 Sep 3 21:42:17 26 sshd[12713]: Invalid user admin from 61.148.83.72 Sep 3 21:42:35 26 sshd[12748]: Invalid user test from 61.148.83.72 Sep 3 21:42:40 26 sshd[12752]: Invalid user test from 61.148.83.72 Sep 5 18:56:43 26 sshd[3819]: Invalid user stephen from 218.149.85.6 Sep 5 18:56:54 26 sshd[3827]: Invalid user george from 218.149.85.6 Sep 5 18:56:58 26 sshd[3830]: Invalid user michael from 218.149.85.6 Sep 5 18:57:04 26 sshd[3835]: Invalid user john from 218.149.85.6 Sep 5 18:57:08 26 sshd[3838]: Invalid user david from 218.149.85.6 Sep 5 18:57:13 26 sshd[3843]: Invalid user paul from 218.149.85.6 Sep 5 18:57:21 26 sshd[3860]: Invalid user angel from 218.149.85.6 Sep 5 18:57:32 26 sshd[3877]: Invalid user pgsql from 218.149.85.6 Sep 5 18:57:37 26 sshd[3880]: Invalid user pgsql from 218.149.85.6 Sep 5 18:57:51 26 sshd[3893]: Invalid user ident from 218.149.85.6 Sep 5 18:57:57 26 sshd[3896]: Invalid user resin from 218.149.85.6 Sep 5 18:58:03 26 sshd[3902]: Invalid user mikael from 218.149.85.6 Sep 5 18:58:07 26 sshd[3912]: Invalid user mike from 218.149.85.6 Sep 5 18:58:12 26 sshd[3926]: Invalid user suva from 218.149.85.6 Sep 5 18:58:17 26 sshd[3933]: Invalid user webpop from 218.149.85.6 Sep 5 18:58:22 26 sshd[3949]: Invalid user technicom from 218.149.85.6 Sep 5 18:58:26 26 sshd[3958]: Invalid user susan from 218.149.85.6 Sep 5 18:58:30 26 sshd[3967]: Invalid user sunsun from 218.149.85.6 Sep 5 18:58:40 26 sshd[4000]: Invalid user sunny from 218.149.85.6 Sep 5 18:58:44 26 sshd[4003]: Invalid user steven from 218.149.85.6 Sep 5 18:58:48 26 sshd[4007]: Invalid user ssh from 218.149.85.6 Sep 5 18:58:53 26 sshd[4015]: Invalid user search from 218.149.85.6 Sep 5 18:58:58 26 sshd[4019]: Invalid user sara from 218.149.85.6 Sep 5 18:59:03 26 sshd[4024]: Invalid user robert from 218.149.85.6 Sep 5 18:59:12 26 sshd[4051]: Invalid user postmaster from 218.149.85.6 Sep 5 18:59:17 26 sshd[4057]: Invalid user party from 218.149.85.6 Sep 5 18:59:22 26 sshd[4060]: Invalid user michael from 218.149.85.6 Sep 5 18:59:27 26 sshd[4063]: Invalid user amanda from 218.149.85.6 Sep 5 18:59:47 26 sshd[4097]: Invalid user sgi from 218.149.85.6 Sep 5 18:59:52 26 sshd[4104]: Invalid user Aaliyah from 218.149.85.6 Sep 5 18:59:57 26 sshd[4111]: Invalid user Aaron from 218.149.85.6 Sep 5 19:00:02 26 sshd[4115]: Invalid user Aba from 218.149.85.6 Sep 5 19:00:06 26 sshd[4119]: Invalid user Abel from 218.149.85.6 Sep 5 19:00:11 26 sshd[4134]: Invalid user Jewel from 218.149.85.6 Sep 5 19:00:21 26 sshd[4144]: Invalid user users from 218.149.85.6 Sep 5 19:00:26 26 sshd[4147]: Invalid user admins from 218.149.85.6 Sep 5 19:00:30 26 sshd[4152]: Invalid user admins from 218.149.85.6 Sep 5 19:00:36 26 sshd[4163]: Invalid user Zmeu from 218.149.85.6 Sep 5 19:00:46 26 sshd[4181]: Invalid user michi from 218.149.85.6 Sep 5 19:00:52 26 sshd[4186]: Invalid user add from 218.149.85.6 Sep 5 19:00:56 26 sshd[4191]: Invalid user michael from 218.149.85.6 Sep 5 19:01:00 26 sshd[4194]: Invalid user brad from 218.149.85.6 Sep 5 19:01:06 26 sshd[4209]: Invalid user brad from 218.149.85.6 Sep 5 19:01:11 26 sshd[4212]: Invalid user bad from 218.149.85.6 Sep 5 19:01:15 26 sshd[4218]: Invalid user carole from 218.149.85.6 Sep 5 19:01:21 26 sshd[4225]: Invalid user carole from 218.149.85.6 Sep 5 19:01:25 26 sshd[4231]: Invalid user carole from 218.149.85.6 Sep 5 19:01:30 26 sshd[4234]: Invalid user philippe from 218.149.85.6 Sep 5 19:01:35 26 sshd[4238]: Invalid user philippe from 218.149.85.6 Sep 6 18:09:00 26 sshd[6536]: Invalid user test from 220.196.42.174 Sep 6 18:09:08 26 sshd[6540]: Invalid user guest from 220.196.42.174 Sep 6 18:09:15 26 sshd[6544]: Invalid user admin from 220.196.42.174 Sep 6 18:09:22 26 sshd[6549]: Invalid user admin from 220.196.42.174 Sep 6 18:09:29 26 sshd[6554]: Invalid user user from 220.196.42.174 Sep 6 18:10:01 26 sshd[6566]: Invalid user test from 220.196.42.174 Sep 6 20:25:08 26 sshd[10752]: Invalid user staff from 220.225.241.143 Sep 6 20:25:12 26 sshd[10774]: Invalid user sales from 220.225.241.143 Sep 6 20:25:15 26 sshd[10787]: Invalid user recruit from 220.225.241.143 Sep 6 20:25:19 26 sshd[10806]: Invalid user alias from 220.225.241.143 Sep 6 20:25:22 26 sshd[10822]: Invalid user office from 220.225.241.143 Sep 6 20:25:26 26 sshd[10840]: Invalid user samba from 220.225.241.143 Sep 6 20:25:34 26 sshd[10874]: Invalid user webadmin from 220.225.241.143 Sep 6 20:25:38 26 sshd[10894]: Invalid user spam from 220.225.241.143 Sep 6 20:25:41 26 sshd[10909]: Invalid user virus from 220.225.241.143 Sep 6 20:25:45 26 sshd[10929]: Invalid user cyrus from 220.225.241.143 Sep 6 20:25:48 26 sshd[10943]: Invalid user oracle from 220.225.241.143 Sep 6 20:25:52 26 sshd[10961]: Invalid user michael from 220.225.241.143 Sep 6 20:25:59 26 sshd[10996]: Invalid user test from 220.225.241.143 Sep 6 20:26:02 26 sshd[11013]: Invalid user webmaster from 220.225.241.143 Sep 6 20:26:06 26 sshd[11026]: Invalid user postmaster from 220.225.241.143 Sep 6 20:26:09 26 sshd[11037]: Invalid user postfix from 220.225.241.143 Sep 6 20:26:16 26 sshd[11069]: Invalid user paul from 220.225.241.143 Sep 6 20:26:24 26 sshd[11094]: Invalid user guest from 220.225.241.143 Sep 6 20:26:27 26 sshd[11107]: Invalid user admin from 220.225.241.143 Sep 6 20:26:31 26 sshd[11116]: Invalid user linux from 220.225.241.143 Sep 6 20:26:35 26 sshd[11124]: Invalid user user from 220.225.241.143 Sep 6 20:26:38 26 sshd[11137]: Invalid user david from 220.225.241.143 Sep 6 20:26:42 26 sshd[11151]: Invalid user web from 220.225.241.143 Sep 6 20:26:49 26 sshd[11176]: Invalid user pgsql from 220.225.241.143 Sep 6 20:26:56 26 sshd[11204]: Invalid user info from 220.225.241.143 Sep 6 20:27:00 26 sshd[11224]: Invalid user tony from 220.225.241.143 Sep 6 20:27:03 26 sshd[11235]: Invalid user core from 220.225.241.143 Sep 6 20:27:07 26 sshd[11248]: Invalid user newsletter from 220.225.241.143 Sep 6 20:27:15 26 sshd[11279]: Invalid user visitor from 220.225.241.143 Sep 6 20:27:18 26 sshd[11304]: Invalid user ftpuser from 220.225.241.143 Sep 6 20:27:22 26 sshd[11322]: Invalid user username from 220.225.241.143 Sep 6 20:27:26 26 sshd[11345]: Invalid user administrator from 220.225.241.143 Sep 6 20:27:30 26 sshd[11361]: Invalid user library from 220.225.241.143 Sep 6 20:27:34 26 sshd[11380]: Invalid user test from 220.225.241.143 Sep 6 20:27:45 26 sshd[11417]: Invalid user admin from 220.225.241.143 Sep 6 20:27:49 26 sshd[11430]: Invalid user guest from 220.225.241.143 Sep 6 20:27:53 26 sshd[11439]: Invalid user master from 220.225.241.143 Sep 6 20:28:16 26 sshd[11543]: Invalid user admin from 220.225.241.143 Sep 6 20:28:21 26 sshd[11566]: Invalid user admin from 220.225.241.143 Sep 6 20:28:25 26 sshd[11586]: Invalid user admin from 220.225.241.143 Sep 6 20:28:28 26 sshd[11604]: Invalid user admin from 220.225.241.143 Sep 6 20:28:40 26 sshd[11652]: Invalid user test from 220.225.241.143 Sep 6 20:28:44 26 sshd[11675]: Invalid user test from 220.225.241.143 Sep 6 20:28:48 26 sshd[11689]: Invalid user webmaster from 220.225.241.143 Sep 6 20:28:51 26 sshd[11699]: Invalid user username from 220.225.241.143 Sep 6 20:28:55 26 sshd[11707]: Invalid user user from 220.225.241.143 Sep 6 20:29:03 26 sshd[11744]: Invalid user admin from 220.225.241.143 Sep 6 20:29:07 26 sshd[11762]: Invalid user test from 220.225.241.143 Sep 6 20:29:22 26 sshd[11816]: Invalid user danny from 220.225.241.143 Sep 6 20:29:27 26 sshd[11826]: Invalid user alex from 220.225.241.143 Sep 6 20:29:31 26 sshd[11844]: Invalid user brett from 220.225.241.143 Sep 6 20:29:34 26 sshd[11866]: Invalid user mike from 220.225.241.143 Sep 6 20:29:39 26 sshd[11884]: Invalid user alan from 220.225.241.143 Sep 6 20:29:43 26 sshd[11904]: Invalid user data from 220.225.241.143 Sep 6 20:29:47 26 sshd[11926]: Invalid user www-data from 220.225.241.143 Sep 6 20:29:50 26 sshd[11941]: Invalid user http from 220.225.241.143 Sep 6 20:29:54 26 sshd[11956]: Invalid user httpd from 220.225.241.143 Sep 6 20:29:57 26 sshd[11969]: Invalid user pop from 220.225.241.143 Sep 6 20:30:09 26 sshd[12017]: Invalid user backup from 220.225.241.143 Sep 6 20:30:13 26 sshd[12030]: Invalid user info from 220.225.241.143 Sep 6 20:30:16 26 sshd[12039]: Invalid user shop from 220.225.241.143 Sep 6 20:30:20 26 sshd[12056]: Invalid user sales from 220.225.241.143 Sep 6 20:30:24 26 sshd[12076]: Invalid user web from 220.225.241.143 Sep 6 20:30:27 26 sshd[12092]: Invalid user www from 220.225.241.143 Sep 6 20:30:31 26 sshd[12108]: Invalid user wwwrun from 220.225.241.143 Sep 6 20:30:35 26 sshd[12129]: Invalid user adam from 220.225.241.143 Sep 6 20:30:38 26 sshd[12146]: Invalid user stephen from 220.225.241.143 Sep 6 20:30:46 26 sshd[12181]: Invalid user george from 220.225.241.143 Sep 6 20:30:50 26 sshd[12204]: Invalid user john from 220.225.241.143 Sep 6 20:30:57 26 sshd[12241]: Invalid user angel from 220.225.241.143 Sep 6 20:31:05 26 sshd[12279]: Invalid user pgsql from 220.225.241.143 Sep 6 20:31:15 26 sshd[12306]: Invalid user ident from 220.225.241.143 Sep 6 20:31:18 26 sshd[12325]: Invalid user webpop from 220.225.241.143 Sep 6 20:31:22 26 sshd[12343]: Invalid user susan from 220.225.241.143 Sep 6 20:31:26 26 sshd[12361]: Invalid user sunny from 220.225.241.143 Sep 6 20:31:34 26 sshd[12392]: Invalid user steven from 220.225.241.143 Sep 6 20:31:38 26 sshd[12413]: Invalid user ssh from 220.225.241.143 Sep 6 20:31:47 26 sshd[12452]: Invalid user search from 220.225.241.143 Sep 6 20:31:56 26 sshd[12492]: Invalid user sara from 220.225.241.143 Sep 6 20:32:00 26 sshd[12512]: Invalid user robert from 220.225.241.143 Sep 6 20:32:07 26 sshd[12544]: Invalid user party from 220.225.241.143 Sep 6 20:32:11 26 sshd[12562]: Invalid user amanda from 220.225.241.143 Sep 6 20:32:22 26 sshd[12613]: Invalid user sgi from 220.225.241.143 Sep 6 20:32:30 26 sshd[12642]: Invalid user users from 220.225.241.143 Sep 6 20:32:33 26 sshd[12657]: Invalid user admins from 220.225.241.143 Sep 6 20:32:37 26 sshd[12674]: Invalid user admins from 220.225.241.143 Sep 6 20:33:13 26 sshd[12820]: Invalid user dean from 220.225.241.143 Sep 6 20:33:17 26 sshd[12841]: Invalid user unknown from 220.225.241.143 Sep 6 20:33:21 26 sshd[12859]: Invalid user securityagent from 220.225.241.143 Sep 6 20:33:25 26 sshd[12872]: Invalid user tokend from 220.225.241.143 Sep 6 20:33:28 26 sshd[12888]: Invalid user windowserver from 220.225.241.143 Sep 6 20:33:32 26 sshd[12914]: Invalid user appowner from 220.225.241.143 Sep 6 20:33:36 26 sshd[12932]: Invalid user xgridagent from 220.225.241.143 Sep 6 20:33:40 26 sshd[12947]: Invalid user agent from 220.225.241.143 Sep 6 20:33:44 26 sshd[12958]: Invalid user xgridcontroller from 220.225.241.143 Sep 6 20:33:47 26 sshd[12977]: Invalid user jabber from 220.225.241.143 Sep 6 20:33:52 26 sshd[12997]: Invalid user amavisd from 220.225.241.143 Sep 6 20:33:55 26 sshd[13013]: Invalid user clamav from 220.225.241.143 Sep 6 20:33:59 26 sshd[13028]: Invalid user appserver from 220.225.241.143 Sep 6 20:34:03 26 sshd[13048]: Invalid user mailman from 220.225.241.143 Sep 6 20:34:07 26 sshd[13068]: Invalid user cyrusimap from 220.225.241.143 Sep 6 20:34:11 26 sshd[13085]: Invalid user qtss from 220.225.241.143 Sep 6 20:34:14 26 sshd[13104]: Invalid user eppc from 220.225.241.143 Sep 6 20:34:18 26 sshd[13122]: Invalid user telnetd from 220.225.241.143 Sep 6 20:34:22 26 sshd[13136]: Invalid user identd from 220.225.241.143 Sep 6 20:34:26 26 sshd[13154]: Invalid user gnats from 220.225.241.143 Sep 6 20:34:30 26 sshd[13166]: Invalid user jeff from 220.225.241.143 Sep 6 20:34:33 26 sshd[13175]: Invalid user irc from 220.225.241.143 Sep 6 20:34:37 26 sshd[13183]: Invalid user list from 220.225.241.143 Sep 6 20:34:41 26 sshd[13196]: Invalid user eleve from 220.225.241.143 Sep 6 20:34:45 26 sshd[13219]: Invalid user proxy from 220.225.241.143 Sep 6 20:34:49 26 sshd[13238]: Invalid user sys from 220.225.241.143 Sep 6 20:34:53 26 sshd[13249]: Invalid user zzz from 220.225.241.143 Sep 6 20:34:57 26 sshd[13271]: Invalid user frank from 220.225.241.143 Sep 6 20:35:01 26 sshd[13290]: Invalid user dan from 220.225.241.143 Sep 6 20:35:05 26 sshd[13303]: Invalid user james from 220.225.241.143 Sep 6 20:35:09 26 sshd[13318]: Invalid user snort from 220.225.241.143 Sep 6 20:35:13 26 sshd[13336]: Invalid user radiomail from 220.225.241.143 Sep 6 20:35:16 26 sshd[13356]: Invalid user harrypotter from 220.225.241.143 Sep 6 20:35:21 26 sshd[13373]: Invalid user divine from 220.225.241.143 Sep 6 20:35:25 26 sshd[13394]: Invalid user popa3d from 220.225.241.143 Sep 6 20:35:28 26 sshd[13414]: Invalid user aptproxy from 220.225.241.143 Sep 6 20:35:32 26 sshd[13433]: Invalid user desktop from 220.225.241.143 Sep 6 20:35:36 26 sshd[13451]: Invalid user workshop from 220.225.241.143 Noen som vet hvordan jeg mer effektivt kan blokkere disse(uten og skru av ssh serveren) Lenke til kommentar
Palme Skrevet 6. september 2006 Del Skrevet 6. september 2006 Du kan lage deg et iptables script som bare slipper gjennom det du vil. I tilleg kan du gjerne skifte ssh port. Lenke til kommentar
RattleBattle Skrevet 6. september 2006 Del Skrevet 6. september 2006 (endret) I tillegg et godt passord og kanskje også et ikke-engelsk, ikke linux-relatert og ikke tillate root-login. Ellers virker det ikke akkurat som sjansene er så veldig store for at det angrepet skal lykkes. Endret 6. september 2006 av RattleBattle Lenke til kommentar
olear Skrevet 6. september 2006 Del Skrevet 6. september 2006 Skift port til noe annet en 22. Lenke til kommentar
Langbein Skrevet 6. september 2006 Del Skrevet 6. september 2006 Skift port til noe annet en 22. 6816974[/snapback] Slett ikke dumt. Jeg gjorde selv dette for et par år siden, og har naturlig nok ikke logget et eneste innbruddsforsøk på ssh siden. Bortsett fra noen daemons (ssh,ftp,http ++) som alle kjører på non-standard porter, er iptables satt til DROP på alle andre porter, så burken min er kjip å portscanne Lenke til kommentar
RattleBattle Skrevet 6. september 2006 Del Skrevet 6. september 2006 Bortsett fra noen daemons (ssh,ftp,http ++) som alle kjører på non-standard porter, er iptables satt til DROP på alle andre porter, så burken min er kjip å portscanne 6817096[/snapback] Hvis du har servicer kjørende på noen standard porter, så er den vel i grunn ikke den kjipeste. Lenke til kommentar
Insomnis Skrevet 6. september 2006 Del Skrevet 6. september 2006 Den enkleste løsningen er vel å bytte port, for å være litt sikkrere kan du i tillegg installere programmer som sjekker dette og blokkerer ip'n - som oftest før de i det hele tatt får muligheten til å logge inn. eks. sshdfilter http://www.csc.liv.ac.uk/~greg/sshdfilter/ Lenke til kommentar
Langbein Skrevet 6. september 2006 Del Skrevet 6. september 2006 Kan også bruke AllowUsers eller DenyUsers for å finjustere hvilke accounts som skal kunne logges på med SSH. Enda en annen mulighet er å droppe passord, og kjøre ren public/private key autentisering. Men personlig liker jeg å ha mulighet til å logge på med passord, i tilfelle jeg må inn fra en fremmed PC hvor jeg ikke har keyen lett tilgjengelig. Lenke til kommentar
Torbjørn Skrevet 6. september 2006 Del Skrevet 6. september 2006 Som Langbein sier, det er meget lurt, uansett, å spesifisere kun hvilke brukere som skal få komme inn på ssh. Det er synd det ikke er slik ved default. Lenke til kommentar
Insomnis Skrevet 7. september 2006 Del Skrevet 7. september 2006 Som Langbein sier, det er meget lurt, uansett, å spesifisere kun hvilke brukere som skal få komme inn på ssh. Det er synd det ikke er slik ved default. 6817724[/snapback] Det er lurt med tanke på sikkerhet, men det stopper ikke disse brute force angrepene, de vil bare fortsette i det evige. Kjører man filter som blokkerer IP adressen som angrepene kommer fra så slipper man den unødige belastninga av internettlinja også. Lenke til kommentar
Torbjørn Skrevet 7. september 2006 Del Skrevet 7. september 2006 hvor stor er denne belastninga? Lenke til kommentar
Insomnis Skrevet 7. september 2006 Del Skrevet 7. september 2006 (endret) hvor stor er denne belastninga? 6820255[/snapback] sånn ca. 2x4meter, så må du dele det på overflaten på bredbåndet ditt. Endret 7. september 2006 av Insomnis Lenke til kommentar
Richard87 Skrevet 9. september 2006 Forfatter Del Skrevet 9. september 2006 Takker for mange svar, belastningen er ikke stor(vis du tenker op cpu bruk etc), jeg bare logget all aktivitet på authpriv.alert på console, sånn at jeg kunne se hva som skjedde, men etter at jeg byttet port, har jeg ikke registrert noen ting, tusen takk for tipset;) Lenke til kommentar
TheBoz Skrevet 12. september 2006 Del Skrevet 12. september 2006 Hadde samme problem jeg også på serveren min helt til jeg la inn BreakinGuard. Det gjør at når en ip har prøvd å logge inn for mange ganger (Tror det er 3 som standard?) så blir ip adressen blokkert i brannmuren (iptables). Dette fungerer helt fint. Du kan laste ned her: http://breakinguard.sourceforge.net/ Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå