I now strictly use ssh key authentication for my home system, with a password on the key of course.

One thing about port knocking - I have found in the past that an extremely fast port scanner, such as scanrand, can hit all the ports fast enough to get me to an ssh prompt on a machine using it. I don't recall the exact timing sequence, but it was at least 3 ports which needed to be hit in a certain order. I found that quite interesting when I discovered it.

On Mon, Mar 17, 2008 at 8:48 AM, Erich Newell wrote:
> I recommend Single Packet Authentication or Port Knocking for use in
> conjunction with your SSH service.
>
> On Mon, Mar 17, 2008 at 8:37 AM, Mike Bydalek wrote:
> > Jon M. Hanson wrote:
> > > Josef Lowder wrote:
> > >> .
> > >> Are Linux boxes vulnerable to be used by botnets?
> > >>
> > >> This article in USA Today is frightening.
> > >>
> > >> http://www.usatoday.com/tech/news/computersecurity/2008-03-16-computer-botnets_N.htm
> > >>
> > > Probably at least once a day my Linux box that I have co-located is
> > > probed for a weak password /account through SSH. I'm not sure what
> > > they would do to the system if they got in and I'm not going to find
> > > out. When I see an SSH probe happen I track down who owns the IP and
> > > report it. I also nmap the IP to see what services are running on the
> > > system.
> > That seems like too much work =P Most of the probes, ssh attacks, etc.
> > that I see are from foreign countries and I really don't see much
> > benefit in reporting them. What I do on all my servers is use 2 little
> > tools to help stop these automated attacks: DenyHosts
> > (http://denyhosts.sourceforge.net/) and PortSentry
> > (http://sourceforge.net/projects/sentrytools/) With these 2, a high
> > number (I would say 99% but then I have no proof to back it up) of
> > attacks are immediately stopped in their tracks. If someone is doing a
> > port scan on your entire server, do you *really* think they're doing it
> > for a good reason?
> >
> > -Mike
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> --
> "A man is defined by the questions that he asks; and the way he goes about
> finding the answers to those questions is the way he goes through life."
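An added illustration of the port-knocking observation in the top message (not code from any poster or from a real knock daemon): a simulated per-source knock tracker replayed against full-range sweeps at two speeds. The knock sequence, time window and packet rates are constructed values, and the strict "reset on any stray port" mode is an assumed hardening option, shown beside the lenient behaviour that a fast sweep satisfies.

```python
# Constructed values: the knock sequence, window and packet rates are illustrative.
KNOCK = (7000, 9000, 8000)   # three ports, in a fixed order
WINDOW = 10.0                # seconds allowed from first knock to last

class KnockTracker:
    """Per-source knock state, as a knock daemon might keep it (hypothetical)."""

    def __init__(self, strict, sequence=KNOCK, window=WINDOW):
        self.strict, self.sequence, self.window = strict, sequence, window
        self.index, self.started = 0, 0.0

    def packet(self, port, now):
        """Feed one observed connection attempt; True when the sequence completes."""
        if self.index and now - self.started > self.window:
            self.index = 0                 # partial sequence expired
        if port == self.sequence[self.index]:
            if self.index == 0:
                self.started = now
            self.index += 1
            if self.index == len(self.sequence):
                self.index = 0
                return True
        elif self.strict:
            self.index = 0                 # any out-of-sequence port discards progress
        return False

def sweep_opens(tracker, rate_pps, sweeps=3):
    """Replay repeated ascending sweeps of ports 1-65535 at rate_pps packets/second."""
    now = 0.0
    for _ in range(sweeps):
        for port in range(1, 65536):
            if tracker.packet(port, now):
                return True
            now += 1.0 / rate_pps
    return False

def client_opens(tracker, gap=0.5):
    """A legitimate client sends only the knock ports, gap seconds apart."""
    return any(tracker.packet(p, i * gap) for i, p in enumerate(tracker.sequence))

if __name__ == "__main__":
    print("lenient, fast sweep:", sweep_opens(KnockTracker(strict=False), 50_000))
    print("lenient, slow sweep:", sweep_opens(KnockTracker(strict=False), 100))
    print("strict, fast sweep: ", sweep_opens(KnockTracker(strict=True), 50_000))
    print("strict, real client:", client_opens(KnockTracker(strict=True)))
```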