Re: SSH hammering

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Patrick Fleming, EA
Date:  
To: plug-discuss
Subject: Re: SSH hammering

In sshd_config (should be /etc/ssh/sshd_config)
edit the following line:
PermitRootLogin yes
change it to:
PermitRootLogin no
Keep in mind that you will have to log in as some other user and su to root.

Mike Hoy wrote:
| Hi,

|
| i just set up a new server with FC3. after reading george toft's
| presentation on security i thought it would be a good idea. i had gentoo
| installed and probably it was being hacked all the time, i don't know.

|
| today in my new install of FC3 i was told as root that i 'had new
| messages', in /var/spool/mail/root
| so i checked it out
| somebody has been trying to ssh into my acct with all kinds of usernames
| and apparently with no success. i'm told this is called ssh hammering
| and i need to setup iptables. I need to get started on tightening up
| security on this thing. My server runs a website and ssh will need to be
| running.
| my question: (i'm sure more to come)
| I was told I can set ssh up so that root can only access ssh from
| 127.0.0.1. how do i go about doing that. also how can i make my personal
| username have access to /whatever/apache/htdocs/* so I don't have to be
| root to edit things.

|
| mike hoy
| ---------------------------------------------------
| PLUG-discuss mailing list -
| To subscribe, unsubscribe, or to change you mail settings:
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

|
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss