Re: Need urgent help regarding security
At 02:42 PM 11/18/2005 +1000, Timothy Smith wrote:
| i have seen a similar attack recently doing a brute force ssh. the
| number ONE weakness in most poorly run IT systems, is easy passwords.
| it's amazingly easy to brute force these systems using common names or
| variations of them.
Speaking of SSH, if you have to provide SSH service via a public IP# (and you
are unable to limit traffic to just specific management/workstation IP#'s), then
it's always a good idea to confirm that root login is not enabled in
/etc/ssh/sshd_config. This make a brute force attack much more difficult, since
a would-be attacker not only has to hit the correct password, but they also have
to know a valid username on the system (as opposed to just using 'root') during
an attack.
Also, if you have access to the router, it's handy to re-write traffic from a
higher public port down to port 22 on the server, since that will trip up anyone
doing scans looking for a connect on port 22 across a large number of IP's.
Anyway, just a couple of ideas I thought might be helpful while on the subject
of SSH hardening :-)
Ray
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 11 之 36 篇):