[plug] ssh scans
Shannon Carver
shannon.carver at gmail.com
Mon Sep 11 09:34:54 WST 2006
Interesting! Jason's IPB Monitor sounds like a good all-in-one package,
might give it a go tonight for my home Machine.
I'm lucky in my current position, that most of the boxes I administer, I do
so on my own, so I can limit SSH connections to a set of IP's where I'll be
connecting from, or in the case that other users do need SSH access to the
system they're usually only connecting from Work connections anyway (static
IPs), VPN etc.
Thanks for the IPB monitor link!
> -----Original Message-----
> From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf
> Of Patrick Coleman
> Sent: Monday, 11 September 2006 9:29 AM
> To: plug at plug.org.au; billk at iinet.net.au
> Subject: Re: [plug] ssh scans
>
> On 9/11/06, W.Kenworthy <billk at iinet.net.au> wrote:
> > I have a machine where ssh has been changed from being protected by
> > firewall rules, to be open to the world. So of course, now I am getting
> > ssh scans.
> >
> > There are also a small number of users whose passwords I do not
> > necessarily trust (time for jack the ripper!), so whats the thinking on
> > the best way to secure against such scans? Is there something in ssh,
> > or amultiple connection firewall restriction?
> >
> > BillK
>
> We use ipb-monitor
> (http://jason.mindsocket.com.au/pages/linux/ipb-monitor/) which was
> actually written by somebody on this list (Jason Nicholls). Works very
> well.
>
> --Patrick
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
More information about the plug
mailing list