Re: SSH attacks?
From: alann lopes (alann_at_ucsd.edu)
Date: 08/01/04
- Previous message: Juri Haberland: "Re: SSH attacks?"
- In reply to: Valdis.Kletnieks_at_vt.edu: "Re: SSH attacks?"
- Next in thread: George Georgalis: "Re: SSH attacks?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <Valdis.Kletnieks@vt.edu>, "'M Shirk'" <shirkdog_linux@hotmail.com> Date: Sat, 31 Jul 2004 17:21:18 -0700
On Fri, 30 Jul 2004 07:16:52 EDT, M Shirk said:
> > If possible, change your SSHD port as
> > discussed in which you will avoid any
> > of these types of scans.
On Fri, July 30, 2004 1:51 PM, Valdis.Kletnieks said:
> Or even better, use iptables/ipf/whatever to
> restrict what hosts can connect, if you can. If
> you know that a connection should only be from
> within the subnet, throw in a ruleset to allow
> that, and then a deny for everybody else.
I agree with Valdis... I've found this methodology
very useful over the years. And to deal with
clients from dynamic IPs, about 5 years ago
I wrote a few scripts and a web interface
that allows these remote users to register
their dynamic IPs by authenticating themselves
against a pop server using APOP. The web
connection is SSLed. It has worked extremely
well for years for both myself and a few other
folks here on campus.
cheers,
alann
- Previous message: Juri Haberland: "Re: SSH attacks?"
- In reply to: Valdis.Kletnieks_at_vt.edu: "Re: SSH attacks?"
- Next in thread: George Georgalis: "Re: SSH attacks?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
