Luis M wrote:
(snip)
6. use the AllowUsers option in sshd_config and put a comma separated
list of users that are allowed to login remotely. All other users will
simply be denied access.
7. Use tcp_wrappers to allow only a handful of IPs to login remotely
to your box. If you don't have a static IP
This requires the ipt_recent IPtables module, among others, and it is
in 2.4.22+ and 2.6 kernels. Both in testing. And requires upgrading
libc6, so use at your own risk.
Jeffrey
Quoting Jeffrey L. Taylor <[EMAIL PROTECTED]>:
> A possible improvement:
>
> http://www.soloport.com/iptables.html
>
On Sat, 29 Jan 2005 14:48:44 -0500, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> On Sat, Jan 29, 2005 at 03:05:35PM +, michael wrote:
> > On debian-user it was suggested I also post this here, thanks, Michael
> > Forwarded Message
> > From: michael <[EMAIL PROTECTED]>
[snip]
On Sun, Jan 30, 2005 at 10:49:54AM -0200, Henrique de Moraes Holschuh wrote:
> On Sat, 29 Jan 2005, [EMAIL PROTECTED] wrote:
> > There are a lot of SSH brute force attacking scripts out there right
> > now. I see them here at home and I see them try to get into the work
> > machines all of the tim
On Sat, 29 Jan 2005, [EMAIL PROTECTED] wrote:
> There are a lot of SSH brute force attacking scripts out there right
> now. I see them here at home and I see them try to get into the work
> machines all of the time. A firewall will help you, but you will want
> to ensure that SSH is secured as we
On Sat, 29 Jan 2005, michael wrote:
On debian-user it was suggested I also post this here, thanks, Michael
I notice that frequently many machines around here get attacked by a
potential hacker (a prog I guess) trying lots of usernames to get in to
all the machines, using the same set of usernames
On Sat, Jan 29, 2005 at 03:05:35PM +, michael wrote:
> On debian-user it was suggested I also post this here, thanks, Michael
> Forwarded Message
> From: michael <[EMAIL PROTECTED]>
> To: debian user
> Subject: security
> Date: Fri, 28 Jan 2005 09:46:31 +
> I notice that
A possible improvement:
http://www.soloport.com/iptables.html
Quoting Steve Suehring <[EMAIL PROTECTED]>:
>
> Could it be this?
>
> http://lists.sans.org/pipermail/intrusions/2004-August/008357.html
>
> You didn't specify which usernames were being used, so it's tough to
> tell if that's the
On Sat, 2005-01-29 at 09:44 -0600, Steve Suehring wrote:
> Could it be this?
>
> http://lists.sans.org/pipermail/intrusions/2004-August/008357.html
>
> You didn't specify which usernames were being used, so it's tough to
> tell if that's the same.
There seems to be two sets, one is half a dozen
>
> I'm sure others have appropriate suggestions as well.
>
I've had similar problems myself so I threw together a little perl
just to check what usernames are being used so I can make a note of
never allowing any of them to be a valid one.
It's not very pretty, but you're welcome to it:
http:/
Could it be this?
http://lists.sans.org/pipermail/intrusions/2004-August/008357.html
You didn't specify which usernames were being used, so it's tough to
tell if that's the same.
A couple of simple and quick things that I might do if this was a
concern:
-Setup an iptables firewall on the boxe
Greetings,...
Am Samstag, 29. Januar 2005 16:05 schrieb michael:
> On debian-user it was suggested I also post this here, thanks, Michael
> Forwarded Message
> From: michael <[EMAIL PROTECTED]>
> To: debian user
> Subject: security
> Date: Fri, 28 Jan 2005 09:46:31 +
> I not
On debian-user it was suggested I also post this here, thanks, Michael
Forwarded Message
From: michael <[EMAIL PROTECTED]>
To: debian user
Subject: security
Date: Fri, 28 Jan 2005 09:46:31 +
I notice that frequently many machines around here get attacked by a
potential hacker
On Wed, 19 Jun 2002 13:46:14 +1000, Shane Machon <[EMAIL PROTECTED]>
wrote:
>Does anyone know if this effects potato's apache-ssl package also?
Yes it does.
>Is anyone able to confirm this?
>
The maintainer ?
http://lists.debian.org/debian-apache/2002/debian-apache-200206/msg00024.html
--
To
Previously Shane Machon wrote:
> Does anyone know if this effects potato's apache-ssl package also?
It does. Same for apache-perl. I'll have fixed for both of those out
today, I really needed to get some sleep first though.
Wichert.
--
Hi,
Does anyone know if this effects potato's apache-ssl package also?
Is anyone able to confirm this?
Cheers,
Shane.--- Begin Message ---
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-131-1
16 matches
Mail list logo
