First off, going to request admins if it's possible to either create a new security section or to sticky this topic.
Hey guys,
Recently had a few brute force attempts on my server on the SSH port.
Now, this is going to be an occurrence whether you like it or not, especially from script kiddies who attack port 22 (they will rarely look at other ports so I'm told).
These are the steps I made to minimise/eliminate this sort of behaviour:
Step 1. Do you REALLY need SSH access remotely? (I did, but it's a question you have to ask yourself).
Step 2. Do you need SSH on port 22? If not, change the port!
Step 3. Check your logs to make sure that no-one has tried to get in already (or succeed).
Step 4. Install LogWatch so that you can get emails about unsuccessful login attempts and from what IPs (it will be under the "SSHD" heading).
Step 3. Install Fail2Ban (http://www.fail2ban.org) and configure it accordingly (http://linuxaria.com/howto/fail2ban-bru ... ks?lang=en or use Google).
Step 4. Install DenyHosts (this will be a secondary tool to assist you and will run alongside Fail2Ban - again, configure appropriately).
Step 5. If you already have some IP addresses, add them to your IPTables.
*Optional*
Step 6. Disable root logins (this will stop anyone logging in as root, and will only allow other usernames to login).
Step 7. Ensure you have SSL Keypairs enabled (https://wiki.amahi.org/index.php/Key-ba ... With_Putty).
Anything else, please feel free to comment below!
Securing your server
Re: Securing your server
Good info. Would you mind adding this to the wiki. I think that would be a better place to capture things of this nature.
Would also be nice if we could get some tutorials documented on how to do some of the lock downs you mention in Amahi. There are many who would appreciate it.
Would also be nice if we could get some tutorials documented on how to do some of the lock downs you mention in Amahi. There are many who would appreciate it.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Who is online
Users browsing this forum: No registered users and 54 guests