I use fail2ban on my OpenIndiana machine. I opted to compile it because
the one around for OI are pretty old. There were no issues. If I
remember, I did use the svc files from one of these packages but I might
have whipped up my own. I also moved my ssh port to 222 just because of
the frequency ssh was getting hit. I rarely see an attempt to connect
from a bot.
Gary
On 6/29/2015 3:37 AM, Till Wegmüller wrote:
Brogyányi József schrieb am Sunday 28 June 2015 11.01:55:
/The last was strange a little bit because he wanted to switch of the
server. I think you have to change the 21 and 22 communication port.
I use the 443 port for ssh. I can reach the server easily from anywhere
because every company left it open that port.
I Advise Strongly against using a different port for SSH. Especially a port
like 443 which by default is used by apache and other webservers. Some
Webservers might refuse to launch depending on their configuration.
I've noticed some text output before shutting down the system.
It seems someone ( or bots ) are constantly trying to log in as root.
Yea there are some Chinese Bot nets that scan for open SSH Ports and try to log
in with root. I have them on every SSH capable server which is Internet
reachable. They don't only scan 22 but also 666 or 1337. But they only make
tries with weak default passwords like 12345.
If you want to block them I suggest the Tool fail2ban. I use it on my Linux
boxes and it works like a charm. There also seems to be a Port for snv_134
https://github.com/jamesstout/fail2ban-0.8.4-OpenSolaris but I haven't tested
that.
Greetings Till
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
