Re: [bitfolk] The perils of opening tcp/22 to the Internet

Author: David Anderson
Date:  
To: users
Subject: Re: [bitfolk] The perils of opening tcp/22 to the Internet
On Thu, 18 Mar 2010 00:35:15 +0000
Ian <ian@???> wrote:

> Andy said:
>
> > [lots of interest]
>
> Much has been said so I'll be brief...
>
> I found DenyHosts really easy to install and set up. The only problem
> has been mistyping my password and being banned myself - using the
> other VPS to reset it works, cough.


I found the same with DenyHosts. I also managed to have my IP banned,
but at least I had an SSH session open to be able to reverse things. The
problem was caused by DenyHosts running through the auth log and
finding my abortive attempts at connection a couple of days earlier.
Putting my IP in /etc/hosts.allow sorted that.

One of the things I like about DenyHosts is the sync feature to build
up a list of naughty users/hosts.

>
> An idiot's guide to setting up keys would be useful, but I will still
> want to use (strong) passwords sometimes.


I would like to see an idiot's guide as well, although googling might
provide such.

>
> I would moan about moving the SSH port.
>


The use of non-standard ports is fine as long as you can remember what
the new ports are on all the machines you access. Remembering the
standard port is much easier - but also easier for the slime

I have been using Linux for several years, but not outside my own home
network, so I am no expert on "outside" security. I purchased a VPS to
allow me to experiment with a real system. The first thing I did was
to check the logs, and that pointed me to a problem with ssh hacking.
A bit of googling threw up DenyHosts, and after a few hiccups it is
now working.

As I am not expert in the many configuration files necessary for a
running system I installed Webmin to give some help in setting
things up. Webmin seems to have split reviews - the Debian
community hate it and will flame anyone asking for advice for it,
but other distros seem more laid back.

Because my VPS is used as a training platform I do not access it
very often, so something providing a bit of protection in the
background is welcome.

I would have thought that a VPS could be provided in a locked-down
form - perhaps with a firewall running allowing very few services.
Then the senior admins can change things to their own way of
working, and those lesser beings have a platform which has some
basic security built in.

Regards
David
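
An added example (not part of this message and not DenyHosts code): a pre-flight check for the self-ban described above, run over the existing auth log before a log-scanning blocker is switched on. The log lines, the hosts.allow content, the function names and the threshold of 3 are constructed assumptions; it relies on tcp_wrappers consulting /etc/hosts.allow before /etc/hosts.deny, and it only handles literal IPv4 addresses.

```python
import re
from collections import Counter

# Constructed sample lines in the usual OpenSSH syslog format (not from the post).
SAMPLE_AUTH_LOG = """\
Mar 15 09:12:01 vps sshd[2101]: Failed password for david from 192.0.2.10 port 50111 ssh2
Mar 15 09:12:09 vps sshd[2101]: Failed password for david from 192.0.2.10 port 50111 ssh2
Mar 15 09:12:20 vps sshd[2103]: Failed password for david from 192.0.2.10 port 50112 ssh2
Mar 16 03:40:11 vps sshd[2250]: Failed password for invalid user admin from 203.0.113.77 port 41000 ssh2
Mar 16 03:40:15 vps sshd[2252]: Failed password for invalid user test from 203.0.113.77 port 41002 ssh2
Mar 16 03:40:19 vps sshd[2254]: Failed password for root from 203.0.113.77 port 41004 ssh2
Mar 17 10:01:44 vps sshd[2300]: Accepted password for david from 192.0.2.10 port 50200 ssh2
Mar 17 11:00:00 vps sshd[2310]: Failed password for ian from 198.51.100.5 port 40000 ssh2
"""

# Constructed hosts.allow content in tcp_wrappers "daemon: client" syntax.
SAMPLE_HOSTS_ALLOW = "# second VPS\nsshd: 198.51.100.5\n"

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port")

def failed_counts(log_text):
    """Count failed SSH password attempts per source address over the whole log,
    including failures from days ago that a first scan would still pick up."""
    return Counter(m.group(1) for m in FAILED.finditer(log_text))

def allowed_hosts(hosts_allow_text):
    """Collect client entries listed for sshd or ALL in hosts.allow text."""
    hosts = set()
    for line in hosts_allow_text.splitlines():
        parts = [p.strip() for p in line.split("#", 1)[0].split(":")]
        if len(parts) >= 2 and set(re.split(r"[,\s]+", parts[0])) & {"sshd", "ALL"}:
            hosts.update(h for h in re.split(r"[,\s]+", parts[1]) if h)
    return hosts

def locked_out(log_text, hosts_allow_text, threshold=3):
    """Addresses at or over the (assumed) threshold with no hosts.allow entry."""
    allowed = allowed_hosts(hosts_allow_text)
    return sorted(ip for ip, n in failed_counts(log_text).items()
                  if n >= threshold and ip not in allowed)

if __name__ == "__main__":
    print("without own IP in hosts.allow:", locked_out(SAMPLE_AUTH_LOG, SAMPLE_HOSTS_ALLOW))
    fixed = SAMPLE_HOSTS_ALLOW + "sshd: 192.0.2.10\n"
    print("with own IP in hosts.allow:   ", locked_out(SAMPLE_AUTH_LOG, fixed))
```
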