Mailinglist Archive: opensuse (1570 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: Joop Beris <j.beris@xxxxxxxxxxxxx>
  • Date: Mon, 5 Oct 2009 14:29:04 +0200
  • Message-id: <200910051429.04416.j.beris@xxxxxxxxxxxxx>
On Saturday 03 October 2009 17:16:09 Per Jessen wrote:

I've just remembered the only drawback - using rsync, scp and others who
use ssh under the covers does become a little tiresome, but I think
both rsync and scp have environment variables that'll set a usable
default so you don't have to specify the new port all the time.

Fail2ban is your friend: http://www.fail2ban.org/wiki/index.php/Main_Page

I use it to protect my home server against SSH and Apache attacks. Works like
a charm and I don't have to use the "security through obscurity" approach by
running my ssh daemon on a different port. Sure, it will stop scripted
attacks, but it breaks rsync et al.

HTH,

Joop

------------------------------------------------------------
Dit bericht is gescand op virussen en andere gevaarlijke
inhoud door MailScanner en lijkt schoon te zijn.
Mailscanner door http://www.prosolit.nl
Professional Solutions fot IT

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >