Archived material Access restricted Article
Rantburg

Today's Front Page   View All of Thu 02/23/2006 View Wed 02/22/2006 View Tue 02/21/2006 View Mon 02/20/2006 View Sun 02/19/2006 View Sat 02/18/2006 View Fri 02/17/2006
1
2006-02-23 
Tech note...
Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.
Posted by Fred 2006-02-23 14:35|| E-Mail|| Front Page|| [435 views since 2007-05-07]  Top

#1 I think I'll sign them up to some of the better pr0n mailing lists. S'only fair.
Posted by .com 2006-02-23 14:56||   2006-02-23 14:56|| Front Page Top

#2 "the fine anuses"


HAHAHAHAHA!
Posted by Mark E. 2006-02-23 15:06||   2006-02-23 15:06|| Front Page Top

#3 Thanks for keeping up the good fight, Fred!

IPs are from Taiwan, Switzerland, USA (Utah), and China respectively, per this IP locator...?
Posted by Dar">Dar  2006-02-23 15:11||   2006-02-23 15:11|| Front Page Top

#4 One from Taiwan. one from Germany, one from Beaverton Or and one from mainland China.

Looks as if one is an owned server.
Posted by Sock Puppet O' Doom 2006-02-23 15:17||   2006-02-23 15:17|| Front Page Top

#5 Those were the guys trying to ssh to our server.
Posted by Fred 2006-02-23 15:31||   2006-02-23 15:31|| Front Page Top

#6 I'll be sure to send them "Thank You" bombs Fred.
Posted by mmurray821 2006-02-23 15:31||   2006-02-23 15:31|| Front Page Top

#7 Fred - on a Linux system you can change the default sshd port to something other than 22. It won't stop a determined hacker from attacking (after first port-scanning). But it'll keep the random script kiddies out.
Posted by DMFD 2006-02-23 15:39||   2006-02-23 15:39|| Front Page Top

#8 You can also firewall it in such way only a limitative list of networks/adresses may access the sshd port.
Posted by  JFM"> JFM  2006-02-23 16:07||   2006-02-23 16:07|| Front Page Top

#9 Is there a way to set it up so that not all users with accounts can connect? They've been trying to log in using lists of first names. I want to allow only two users, three at the outside.
Posted by Fred 2006-02-23 16:28||   2006-02-23 16:28|| Front Page Top

#10 How about using names like Thomoting Clolush :-)
Posted by Nimble Spemble 2006-02-23 16:29||   2006-02-23 16:29|| Front Page Top

#11 Or Spemble ;-)
Posted by Seafarious">Seafarious  2006-02-23 16:40||   2006-02-23 16:40|| Front Page Top

#12 In /etc/ssh/sshd_config

Add a line like:

AllowUsers userid1 userid2 userid3

Only these three users can connect via ssh
Posted by DMFD 2006-02-23 17:01||   2006-02-23 17:01|| Front Page Top

#13 Is there a way to set it up so that not all users with accounts can connect?

Users restricted to FTP should get /bin/nologin as shell.

You can also edit /etc/security/access.conf as a way to control who can login

Feel free to mail me as often as you like for technical questions.
Posted by  JFM"> JFM  2006-02-23 17:09||   2006-02-23 17:09|| Front Page Top

#14 Fred: Edit sshd_config to Allow USers.

First man sshd_confiog for a full list.

My servers have that problem too, but it can be tempered by limiting the grace time from connect to login to something like 30 seconds and max 2 attempt. That way those dictionary attackss will go way down.

And since this is a remote machine you'll have to reboot the machine for the changes to take affect.

Serious execute man sshd_config for all the options. sshd is wonderful work of unix technology.
Posted by badanov 2006-02-23 17:28|| http://www.freefirezone.org/cgi-bin/index.pl]">[http://www.freefirezone.org/cgi-bin/index.pl]  2006-02-23 17:28|| Front Page Top

#15 Changes are made. Thanks to both.
Posted by Fred 2006-02-23 18:10||   2006-02-23 18:10|| Front Page Top

#16 Has php been ported to the Spemblix operating system yet?
Posted by Root Spemble 2006-02-23 22:54||   2006-02-23 22:54|| Front Page Top

#17 My CP/M machine has had zero successful attacks against it.
Posted by Jackal">Jackal  2006-02-23 23:40|| http://home.earthlink.net/~sleepyjackal/index.html]">[http://home.earthlink.net/~sleepyjackal/index.html]  2006-02-23 23:40|| Front Page Top

10:12 wxjames
02:02 Yousuf
23:41 Cheaderhead
23:40 Jackal
23:34 Cheaderhead
23:31 Steve White
23:21 3dc
23:17 3dc
23:17 trailing wife
23:15 Cheaderhead
23:12 Captain America
23:10 Captain America
23:01 Captain America
23:01 JosephMendiola
22:59 IAU member since 1951
22:58 trailing wife
22:56 Phil
22:54 Root Spemble
22:52 Old Patriot
22:49 Old Patriot
22:47 mojo
22:46 JosephMendiola
22:45 trailing wife
22:43 trailing wife

Rantburg was assembled from recycled algorithms in the United States of America. No trees were destroyed in the production of this weblog. We did hurt some, though. Sorry.
18.205.109.152

Merry-Go-Blog










Paypal:
Google
Search WWW Search rantburg.com