[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSH Attacks - What to do?
Robert G. (Doc) Savage wrote:
> You can do any of the things others have suggested, or you can trust the
> inherent strength of the SSH service and do nothing. This is what I've
> done for a dedicated nameserver running "in the wild", as it were, under
> RHAS v2.1 for the past three years out in front of a firewall.
>
> The secrets to its continuing survival are simple: (1) keep the number
> of logon accounts to the barest minimum, (2) require those accounts to
> use the strongest passwords their owners can remember, (3) keep the
> system up2date, and (4) turn off all unnecessary services. The only
> active externally visible services on that DNS machine are ssh and
> named.
Well, we only have two accounts my son and mine. The passwords are
fairly strong. Two random words from the dictionary separated by a
random number. Not sure what more we could do here without having to
write it down!
The machine is used to provide access to his school work and some of
my source code, etc. from remote locations via ftp. I also use it to
share photos or diagrams from time to time via simple web pages using
Apache.
It's in need of some updates both hardware and software. Presently it
still runs Red Hat 8. It's an old 200MHz PII with a small drive. The
replacement is a bit faster with a larger drive. I may end up running
Debian on it, I need to familiarize myself with it for another project
this Fall.
Thanks to everyone for the tips. I need to crack the books/man files
on several to better understand them.
Tim
--
Tim
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.