Re: Strengthen OpenSSH security?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Strengthen OpenSSH security?
From: Kd <kilrathi@xxxxxxxxx>
Date: Thu, 20 Apr 2006 00:03:30 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:date:to:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding:from; b=HFALbHx4Xs0nuPMefZ2pEdlOrYYYoXswknDQf0LMunrfOU5E9iY5LiJtrRGcxQSLfQ/AT9RFPFBBv7Cr9BzHNf6DyedBhROUGeV1GeJ0C+unDTzMkpqJzF9WQgUXunwfSWPav+QvHPFzAxqcILFa4pB4Qpe7t66qPwFJ3D/mUBQ=
In-reply-to: <7.0.1.0.2.20060417223005.098d8eb0@xxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <7.0.1.0.2.20060417223005.098d8eb0@xxxxxxxxxx>

Yes I see this all the time. I find it amusing from time to time. I've even 
taken a 'closer look' at the machines being used in the attacks. Many in Asia I 
find. As for my solution I was working on a portsentry script til I found 
Denyhosts, a python script, that adds break-in attempts to my /etc/hosts.deny. 
Works like a charm. Other sshd tweaks should be made, disallow root logins, max 
auth attempts, etc., to bloster security.


-Kd
-- 
When I've captured my adversary and he says, "Look, before you kill me, will
you at least tell me what this is all about?" I'll say, "No." and shoot him.
No, on second thought, I'll shoot him and then say "No."
http://www.proft.org/tips/evil.html

References:
- Strengthen OpenSSH security?
  - From: Brett Glass

Prev by Date: Mini-NUKE v2.3<<--- SQL Injection
Next by Date: [ GLSA 200604-09 ] Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
Previous by thread: Re: Strengthen OpenSSH security?
Next by thread: Re: Strengthen OpenSSH security?
Index(es):
- Date
- Thread