Alan Dayley wrote:

>On Thursday 28 April 2005 06:33 am, Mike Hoy wrote:
>
>>Hi,
>>
>>i just set up a new server with FC3. after reading george toft's
>>presentation on security i thought it would be a good idea. i had
>>gentoo installed and probably it was being hacked all the time, i don't
>>know.
>>
>>today in my new install of FC3 i was told as root that i 'had new
>>messages', in /var/spool/mail/root
>>so i checked it out
>>somebody has been trying to ssh into my acct with all kinds of
>>usernames and apparently with no success. i'm told this is called ssh
>>hammering and i need to set up iptables. I need to get started on
>>tightening up security on this thing. My server runs a website and ssh
>>will need to be running.
>>my question: (i'm sure more to come)
>>I was told I can set ssh up so that root can only access ssh from
>>127.0.0.1. how do i go about doing that. also how can i make my
>>personal username have access to /whatever/apache/htdocs/* so I don't
>>have to be root to edit things.
>>
>
>For ssh configuring, this looks like a pretty good guide:
>
>http://www.siliconvalleyccie.com/linux-hn/ssh-server.htm
>
>I have found that my dsl connection drops and changes my IP so much that
>doing RSA keys, while more secure, was too painful (How to is explained
>in the link above).
>
>The best thing I did to stop login hammering was move ssh to operate on a
>high, non-standard port (also explained in the link above) instead of the
>default 22. Check the list of ports here:
>
>http://www.iana.org/assignments/port-numbers
>
>Choose one that is above 1024 and not used much or at all. Then you have
>to specify the port number when logging in remotely. Something like:
>
>ssh -p NNNN server.name
>
>Not too hard and the password hammers have stopped, at least for me.
>
>Alan
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change your mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

thx alan

actually i can't connect with ssh -p NNNN server.name
not sure why unless it's a dns thing. i have an ip only.
so mine is ssh -p NNNN user@ipaddress
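
The pattern described in the quoted message (one source failing ssh logins under all kinds of usernames) can be picked out of sshd's log lines. This is an added example, not part of the original thread: the log lines are constructed, the `Failed password for ...` line format is the usual OpenSSH one and is assumed here, and the thresholds are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog format (assumed; the
# thread does not show the actual log). Addresses are documentation ranges.
SAMPLE_LOG = """\
Apr 28 03:10:01 web sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Apr 28 03:10:03 web sshd[2103]: Failed password for invalid user test from 203.0.113.7 port 40115 ssh2
Apr 28 03:10:05 web sshd[2105]: Failed password for illegal user guest from 203.0.113.7 port 40119 ssh2
Apr 28 03:10:07 web sshd[2107]: Failed password for root from 203.0.113.7 port 40123 ssh2
Apr 28 03:10:09 web sshd[2109]: Failed password for invalid user oracle from 203.0.113.7 port 40127 ssh2
Apr 28 08:15:30 web sshd[2290]: Failed password for mike from 198.51.100.20 port 51344 ssh2
Apr 28 08:15:41 web sshd[2290]: Accepted password for mike from 198.51.100.20 port 51344 ssh2
"""

# Older sshd builds log "illegal user", newer ones "invalid user"; accept both.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:(?:invalid|illegal) user )?(\S+) "
    r"from (\S+) port \d+"
)

def summarize_failures(log_text):
    """Return {source_ip: (failure_count, set_of_usernames_tried)}."""
    counts = defaultdict(int)
    users = defaultdict(set)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            counts[ip] += 1
            users[ip].add(user)
    return {ip: (counts[ip], users[ip]) for ip in counts}

def hammering_sources(log_text, min_failures=5, min_users=3):
    """Sources with many failures spread over many usernames (a guessing run),
    as opposed to one user mistyping a password. Thresholds are illustrative."""
    return sorted(
        ip for ip, (n, names) in summarize_failures(log_text).items()
        if n >= min_failures and len(names) >= min_users
    )

if __name__ == "__main__":
    summary = summarize_failures(SAMPLE_LOG)
    for ip in hammering_sources(SAMPLE_LOG):
        n, names = summary[ip]
        print(f"{ip}: {n} failures, usernames tried: {', '.join(sorted(names))}")
```
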