楊景皓's Work Diary: linux, debian, mysql, vim, php, javascript, python
In /etc/ssh/sshd_config, change
PermitRootLogin yes
to
PermitRootLogin no
then restart the daemon so the change takes effect:
/etc/init.d/ssh restart
I'd also:
RSAAuthentication yes
...
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
PasswordAuthentication no
And in order to fend off ssh attack attempts, here are some iptables rules for denying access for N minutes after M failed login attempts.
## --------------------------------------------------------------------------------------------------
## SSH
## --------------------------------------------------------------------------------------------------
# Create chains to defend from SSH attack
iptables -N SSH_CHECK
iptables -N SSH_ATTACKED
# Captures SSH connections
#iptables -A INPUT -p tcp -m state --state NEW --dport 22 -j SSH_CHECK
iptables -A INPUT -i ppp0 -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
# Define SSH_CHECK chain
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j SSH_ATTACKED
iptables -A SSH_CHECK -j ACCEPT
# Define SSH_ATTACKED chain
iptables -A SSH_ATTACKED -j LOG --log-prefix "iptables SSH attack: " --log-level 7
iptables -A SSH_ATTACKED -j REJECT
Cheers
Rob -
thanks
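An added check (not code from the post or from Rob's comment) for the two sshd_config settings discussed above: it prints the value sshd would actually use, honouring the rule that the first uncommented occurrence of a keyword wins, and flags anything not explicitly set to no. The function names and the sample config file are made up for this example.

```shell
#!/bin/sh
# Added example (not from the post): audit an sshd_config for the two settings
# discussed above. sshd uses the FIRST uncommented occurrence of a keyword, so a
# hardened line appended below an earlier "yes" is silently ignored.

# sshd_effective FILE KEYWORD -> prints the effective global value, or "default"
# when the keyword is never set before the first Match block.
sshd_effective() {
    file=$1
    key=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    awk -v key="$key" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }   # skip comments and blanks
        tolower($1) == "match" { exit }                 # later lines are conditional
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print "default" }
    ' "$file"
}

# sshd_check_hardened FILE -> prints one line per setting; returns 0 only when
# both values recommended in the post are explicitly in effect.
sshd_check_hardened() {
    rc=0
    for pair in permitrootlogin:no passwordauthentication:no; do
        key=${pair%%:*}
        want=${pair##*:}
        got=$(sshd_effective "$1" "$key")
        if [ "$got" = "$want" ]; then
            echo "OK   $key = $got"
        else
            echo "WARN $key = $got (want $want)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample (not a real host's file). PasswordAuthentication is set to
# "no" at the bottom, but the earlier "yes" wins.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
PermitRootLogin no
PasswordAuthentication yes
#PasswordAuthentication no
PasswordAuthentication no
EOF
sshd_check_hardened "$sample" || echo "$sample needs attention"
rm -f "$sample"
```

On a live host, point sshd_check_hardened at /etc/ssh/sshd_config; a WARN for "default" means the keyword is not set at all and the compiled-in default applies.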