Archived material Access restricted Article
Rantburg

Today's Front Page   View All of Thu 02/23/2006 View Wed 02/22/2006 View Tue 02/21/2006 View Mon 02/20/2006 View Sun 02/19/2006 View Sat 02/18/2006 View Fri 02/17/2006
1
2006-02-23 
Tech note...
Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.
Posted by Fred 2006-02-23 14:35|| E-Mail|| Front Page|| [446 views since 2007-05-07]  Top

#1 I think I'll sign them up to some of the better pr0n mailing lists. S'only fair.
Posted by .com 2006-02-23 14:56||   2006-02-23 14:56|| Front Page Top

#2 "the fine anuses"


HAHAHAHAHA!
Posted by Mark E. 2006-02-23 15:06||   2006-02-23 15:06|| Front Page Top

#3 Thanks for keeping up the good fight, Fred!

IPs are from Taiwan, Switzerland, USA (Utah), and China respectively, per this IP locator...?
Posted by Dar">Dar  2006-02-23 15:11||   2006-02-23 15:11|| Front Page Top

#4 One from Taiwan. one from Germany, one from Beaverton Or and one from mainland China.

Looks as if one is an owned server.
Posted by Sock Puppet O' Doom 2006-02-23 15:17||   2006-02-23 15:17|| Front Page Top

#5 Those were the guys trying to ssh to our server.
Posted by Fred 2006-02-23 15:31||   2006-02-23 15:31|| Front Page Top

#6 I'll be sure to send them "Thank You" bombs Fred.
Posted by mmurray821 2006-02-23 15:31||   2006-02-23 15:31|| Front Page Top

#7 Fred - on a Linux system you can change the default sshd port to something other than 22. It won't stop a determined hacker from attacking (after first port-scanning). But it'll keep the random script kiddies out.
Posted by DMFD 2006-02-23 15:39||   2006-02-23 15:39|| Front Page Top

#8 You can also firewall it in such way only a limitative list of networks/adresses may access the sshd port.
Posted by  JFM"> JFM  2006-02-23 16:07||   2006-02-23 16:07|| Front Page Top

#9 Is there a way to set it up so that not all users with accounts can connect? They've been trying to log in using lists of first names. I want to allow only two users, three at the outside.
Posted by Fred 2006-02-23 16:28||   2006-02-23 16:28|| Front Page Top

#10 How about using names like Thomoting Clolush :-)
Posted by Nimble Spemble 2006-02-23 16:29||   2006-02-23 16:29|| Front Page Top

#11 Or Spemble ;-)
Posted by Seafarious">Seafarious  2006-02-23 16:40||   2006-02-23 16:40|| Front Page Top

#12 In /etc/ssh/sshd_config

Add a line like:

AllowUsers userid1 userid2 userid3

Only these three users can connect via ssh
Posted by DMFD 2006-02-23 17:01||   2006-02-23 17:01|| Front Page Top

#13 Is there a way to set it up so that not all users with accounts can connect?

Users restricted to FTP should get /bin/nologin as shell.

You can also edit /etc/security/access.conf as a way to control who can login

Feel free to mail me as often as you like for technical questions.
Posted by  JFM"> JFM  2006-02-23 17:09||   2006-02-23 17:09|| Front Page Top

#14 Fred: Edit sshd_config to Allow USers.

First man sshd_confiog for a full list.

My servers have that problem too, but it can be tempered by limiting the grace time from connect to login to something like 30 seconds and max 2 attempt. That way those dictionary attackss will go way down.

And since this is a remote machine you'll have to reboot the machine for the changes to take affect.

Serious execute man sshd_config for all the options. sshd is wonderful work of unix technology.
Posted by badanov 2006-02-23 17:28|| http://www.freefirezone.org/cgi-bin/index.pl]">[http://www.freefirezone.org/cgi-bin/index.pl]  2006-02-23 17:28|| Front Page Top

#15 Changes are made. Thanks to both.
Posted by Fred 2006-02-23 18:10||   2006-02-23 18:10|| Front Page Top

#16 Has php been ported to the Spemblix operating system yet?
Posted by Root Spemble 2006-02-23 22:54||   2006-02-23 22:54|| Front Page Top

#17 My CP/M machine has had zero successful attacks against it.
Posted by Jackal">Jackal  2006-02-23 23:40|| http://home.earthlink.net/~sleepyjackal/index.html]">[http://home.earthlink.net/~sleepyjackal/index.html]  2006-02-23 23:40|| Front Page Top

10:12 wxjames
02:02 Yousuf
23:41 Cheaderhead
23:40 Jackal
23:34 Cheaderhead
23:31 Steve White
23:21 3dc
23:17 3dc
23:17 trailing wife
23:15 Cheaderhead
23:12 Captain America
23:10 Captain America
23:01 Captain America
23:01 JosephMendiola
22:59 IAU member since 1951
22:58 trailing wife
22:56 Phil
22:54 Root Spemble
22:52 Old Patriot
22:49 Old Patriot
22:47 mojo
22:46 JosephMendiola
22:45 trailing wife
22:43 trailing wife
Merry-Go-Blog










Paypal:
Google
Search WWW Search rantburg.com