Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: SPAM: Re: [suse-security] Openssh + security
  • From: Bruno Cochofel <bruno.cochofel@xxxxxxxxx>
  • Date: Mon, 12 Dec 2005 13:05:44 +0000
  • Message-id: <439D75A8.5060105@xxxxxxxxx>
I believe there's a program called sentry tools (port sentry, logcheck
and host sentry) that could do the job but I think this is obsolete and
the version under sourceforge is old.
Does anyone know where this can be found by these days? Or there's any
substitute? I want not only to monitor sshd port put also others
services running...

Thanks,
Bruno

Scott Leighton wrote:

>On Sunday 11 December 2005 3:27 pm, Jaime Santos wrote:
>
>
>>Hi again,
>>
>>If someone is using a script to probe port 22 of random machines,
>>probably it does make sense to attach the ssh server
>>to some other port. But your users will have to be warned that they have
>>to explicitly name such a port when trying to
>>login remotely. Furthermore, a nmap search for open ports can always
>>reveal the services which are available, but this
>>is a directed attack. Given the nuisance (such strategy is essentially
>>security via obscurity), I think it isn't worth doing it.
>>
>>
>>
>
> Yes, the script kiddies are a nuisance. I use login_sentry to send
>them on their way (it adds their IP address to hosts.deny).
>
> http://www.lumiere.net/~j/login_sentry/
>
> Scott
>
>
>
< Previous Next >
Follow Ups