Re: SSH Attacks - What to do?

[Tim McDonough <tim@mcdonough.net>]

Robert G. (Doc) Savage wrote:

> You can do any of the things others have suggested, or you can trust the
> inherent strength of the SSH service and do nothing. This is what I've
> done for a dedicated nameserver running "in the wild", as it were, under
> RHAS v2.1 for the past three years out in front of a firewall.
> 
> The secrets to its continuing survival are simple: (1) keep the number
> of logon accounts to the barest minimum, (2) require those accounts to
> use the strongest passwords their owners can remember, (3) keep the
> system up2date, and (4) turn off all unnecessary services. The only
> active externally visible services on that DNS machine are ssh and
> named.

Well, we only have two accounts my son and mine. The passwords are 
fairly strong. Two random words from the dictionary separated by a 
random number. Not sure what more we could do here without having to 
write it down!

The machine is used to provide access to his school work and some of 
my source code, etc. from remote locations via ftp. I also use it to 
share photos or diagrams from time to time via simple web pages using 
Apache.

It's in need of some updates both hardware and software. Presently it 
still runs Red Hat 8. It's an old 200MHz PII with a small drive. The 
replacement is a bit faster with a larger drive. I may end up running 
Debian on it, I need to familiarize myself with it for another project 
this Fall.

Thanks to everyone for the tips. I need to crack the books/man files 
on several to better understand them.

Tim


-- 
Tim

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.