Article

2006-02-23

Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.

Posted by Fred 2006-02-23 14:35|| || Front Page|| [3 views since 2007-05-07] Top

#1 I think I'll sign them up to some of the better pr0n mailing lists. S'only fair.

Posted by .com 2006-02-23 14:56|| 2006-02-23 14:56|| Front Page Top

#2 "the fine anuses"

HAHAHAHAHA!

Posted by Mark E. 2006-02-23 15:06|| 2006-02-23 15:06|| Front Page Top

#3 Thanks for keeping up the good fight, Fred!

IPs are from Taiwan, Switzerland, USA (Utah), and China respectively, per this IP locator...?

Posted by Dar">Dar 2006-02-23 15:11|| 2006-02-23 15:11|| Front Page Top

#4 One from Taiwan. one from Germany, one from Beaverton Or and one from mainland China.

Looks as if one is an owned server.

Posted by Sock Puppet O' Doom 2006-02-23 15:17|| 2006-02-23 15:17|| Front Page Top

#5 Those were the guys trying to ssh to our server.

Posted by Fred 2006-02-23 15:31|| 2006-02-23 15:31|| Front Page Top

#6 I'll be sure to send them "Thank You" bombs Fred.

Posted by mmurray821 2006-02-23 15:31|| 2006-02-23 15:31|| Front Page Top

#7 Fred - on a Linux system you can change the default sshd port to something other than 22. It won't stop a determined hacker from attacking (after first port-scanning). But it'll keep the random script kiddies out.

Posted by DMFD 2006-02-23 15:39|| 2006-02-23 15:39|| Front Page Top

#8 You can also firewall it in such way only a limitative list of networks/adresses may access the sshd port.

Posted by JFM"> JFM 2006-02-23 16:07|| 2006-02-23 16:07|| Front Page Top

#9 Is there a way to set it up so that not all users with accounts can connect? They've been trying to log in using lists of first names. I want to allow only two users, three at the outside.

Posted by Fred 2006-02-23 16:28|| 2006-02-23 16:28|| Front Page Top

#10 How about using names like Thomoting Clolush :-)

Posted by Nimble Spemble 2006-02-23 16:29|| 2006-02-23 16:29|| Front Page Top

#11 Or Spemble ;-)

Posted by Seafarious">Seafarious 2006-02-23 16:40|| 2006-02-23 16:40|| Front Page Top

#12 In /etc/ssh/sshd_config

Add a line like:

AllowUsers userid1 userid2 userid3

Only these three users can connect via ssh

Posted by DMFD 2006-02-23 17:01|| 2006-02-23 17:01|| Front Page Top

#13 Is there a way to set it up so that not all users with accounts can connect?

Users restricted to FTP should get /bin/nologin as shell.

You can also edit /etc/security/access.conf as a way to control who can login

Feel free to mail me as often as you like for technical questions.

Posted by JFM"> JFM 2006-02-23 17:09|| 2006-02-23 17:09|| Front Page Top

#14 Fred: Edit sshd_config to Allow USers.

First man sshd_confiog for a full list.

My servers have that problem too, but it can be tempered by limiting the grace time from connect to login to something like 30 seconds and max 2 attempt. That way those dictionary attackss will go way down.

And since this is a remote machine you'll have to reboot the machine for the changes to take affect.

Serious execute man sshd_config for all the options. sshd is wonderful work of unix technology.

Posted by badanov 2006-02-23 17:28|| http://www.freefirezone.org/cgi-bin/index.pl]">[http://www.freefirezone.org/cgi-bin/index.pl] 2006-02-23 17:28|| Front Page Top

#15 Changes are made. Thanks to both.

Posted by Fred 2006-02-23 18:10|| 2006-02-23 18:10|| Front Page Top

#16 Has php been ported to the Spemblix operating system yet?

Posted by Root Spemble 2006-02-23 22:54|| 2006-02-23 22:54|| Front Page Top

#17 My CP/M machine has had zero successful attacks against it.

Posted by Jackal">Jackal 2006-02-23 23:40|| http://home.earthlink.net/~sleepyjackal/index.html]">[http://home.earthlink.net/~sleepyjackal/index.html] 2006-02-23 23:40|| Front Page Top

10:12 wxjames
02:02 Yousuf
23:41 Cheaderhead
23:40 Jackal
23:34 Cheaderhead
23:31 Steve White
23:21 3dc
23:17 3dc
23:17 trailing wife
23:15 Cheaderhead
23:12 Captain America
23:10 Captain America
23:01 Captain America
23:01 JosephMendiola
22:59 IAU member since 1951
22:58 trailing wife
22:56 Phil
22:54 Root Spemble
22:52 Old Patriot
22:49 Old Patriot
22:47 mojo
22:46 JosephMendiola
22:45 trailing wife
22:43 trailing wife