Network Security: Detailed info on Re: what to do?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: what to do?

from [AragonX] Network Security

[Permanent Link]

Subject:	Re: what to do?
Date:	Tue, 30 Aug 2005 07:52:16 -0400 (EDT)

<quote who="Jayson Anderson">

On Thu, 2005-08-25 at 00:30 -0700, Bill Smith wrote:

Hi Guys,

I noticed that someone is trying to hacker into my
machine. Please see below is the content of
/var/log/security.
what I would like some advice of you guys is, what
will I do with these people?
btw, I do have FW


Do you need to be able to access your machine remotely through ssh?

   If no then disable.

Do others need to be able to access your machine remotely through ssh?

   If no then 'AllowUsers = <enter your user name>' in sshd_config

Do you have a limited number of domains you logon from?

   If yes then '$IPTABLES -A INPUT -p tcp -i $EXTIF -s yourdomain.com
--dport 22 -j ACCEPT' in your firewall rules.  Need a default deny
policy.

Finally I also suggest:

   ListenAddress <anything other than 22>
   PermitRootLogin no

This of course assumes that you are using a newer version of Linux.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
what to do?, Bill Smith Re: what to do?, Jayson Anderson Re: what to do?, AragonX <= Re: what to do?, Ansgar -59cobalt- Wiechers Re: what to do?, Alexander Bolante Re: what to do?, Robert Escue Re: what to do?, Bow Sineath Re: what to do?, Leif Ericksen Re: what to do?, Duncan Re: what to do?, Jonathan Loh RE: what to do?, Eduardo Suzuki Re: what to do?, morph84 Re: what to do?, cam

Previous by Date:	RE: what to do?, Eduardo Suzuki
Next by Date:	Re: FW: Your opinion on Skype, Michael Puchol
Previous by Thread:	Re: what to do?, Jayson Anderson
Next by Thread:	Re: what to do?, Ansgar -59cobalt- Wiechers
Indexes:	[Date] [Thread] [Top] [All Lists]