Re: SSH newbie interested in security concerns
From: Marco Benton - BOFH (marco_at_xssnet.com)
Date: Wed, 24 Nov 2004 20:42:54 -0500
-----BEGIN PGP SIGNED MESSAGE-----
| I am using Slackware 9.1 and recently decided to try out some basic
| ethernet usage. I connected another machine with the same OS via a
| crossover cable and by using some straightforward online tutorials got NFS
| up and running. I can ping both ways and mount the drives. I then tried
| out ssh to see if I could do some basic stuff in that way. Things looked
| fine and everything is working as I thought it would, again using some
| very basic online help type pages.
| The next step in my learning process was IP masquerading and trying to use
| the client to dial on the server. I use a dial-up with dynamic IP
| addresses btw. It worked just fine, much to my surprise to be honest. ;-)
| In my testing and such I kept an eye on the logs and found something which
| made me wonder if I am really doing anywhere near enough in regards to
| security now that I am using such new services.
| Here is what my /var/log/messages has been spitting out:
this kind of attack was mentioned in a few early posts.
as long as you have strong passwords (and your users dont give away
their password) and sshd is configured correctly then you shouldn't
worry too much about it. you'll see MANY more attempts to hack into
your machine in the future, get used to huge logs.
i hope you have a firewall in front of this machine?
Marco Benton - BOFH, BSMFH
BOFH excuse #317: The cause of the problem is: Your EMAIL is now being
delivered by the USPS.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----