SSH hammering

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Mike Hoy
Date:  
To: plug-discuss
Subject: SSH hammering
Hi,

i just set up a new server with FC3. after reading george toft's
presentation on security i thought it would be a good idea. i had gentoo
installed and probably it was being hacked all the time, i don't know.

today in my new install of FC3 i was told as root that i 'had new
messages', in /var/spool/mail/root
so i checked it out
somebody has been trying to ssh into my acct with all kinds of usernames
and apparently with no success. i'm told this is called ssh hammering
and i need to setup iptables. I need to get started on tightening up
security on this thing. My server runs a website and ssh will need to be
running.
my question: (i'm sure more to come)
I was told I can set ssh up so that root can only access ssh from
127.0.0.1. how do i go about doing that. also how can i make my personal
username have access to /whatever/apache/htdocs/* so I don't have to be
root to edit things.

mike hoy
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss