[mdlug] Restricted Remote Access Script
Michael S. Mikowski
mmikowski at valueclick.com
Tue Jan 16 19:36:59 EST 2007
Thank you for all your advice! I will move to a
non-standard port presently. Ray, Ostiary looks real
cool, and I'll let you know if I deploy or the throttling
concepts others have offerred.
Cheers!
Mike
On Monday 15 January 2007 07:07, Ingles, Raymond wrote:
> > From: Michael S. Mikowski
> >
> > My remote machine is getting hit with 1500+
> > dictionary login attempts per day, and I think its
> > time to consider locking down ssh.
>
> As others have noted, moving ssh to a different port
> will cut that to virtually nil. Using public key
> authentication on top of that is about as much security
> as most people need.
>
> However, if you're paranoid, or have reason to believe
> that a person (not just an automated worm) is trying to
> break in to your machine specifically, you can go
> further. I wrote Ostiary to satisfy my own paranoia,
> but thanks to a power fluctuation my firewall is down
> right now, and so is my website. The mirror is here:
>
> http://home.twmi.rr.com/sorceror/
>
> All the documentation and design rationales are in the
> package, along with some links to alternatives.
>
> Sincerely,
>
> Ray Ingles (313)
> 227-2317
>
> "We should post this information on the
> Internet!" - Milhouse Van Houten
> "No! We have to reach people whose opinions actually
> *matter*!" - Bart Simpson
> The contents of this e-mail are intended for the named
> addressee only. It contains information that may be
> confidential. Unless you are the named addressee or an
> authorized designee, you may not copy or use it, or
> disclose it to anyone else. If you received it in error
> please notify us immediately and then destroy it.
> _______________________________________________ mdlug
> mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
--
Michael S. Mikowski
Software Engineering Manager
ValueClick Search
ValueClick Inc.
818.575.4587
More information about the mdlug
mailing list