|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: SPAM: Re: [suse-security] Openssh + security
From: Bruno Cochofel (bruno.cochofel
gmail.com)
Date: Mon Dec 12 2005 - 07:05:44 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I believe there's a program called sentry tools (port sentry, logcheck
and host sentry) that could do the job but I think this is obsolete and
the version under sourceforge is old.
Does anyone know where this can be found by these days? Or there's any
substitute? I want not only to monitor sshd port put also others
services running...
Thanks,
Bruno
Scott Leighton wrote:
>On Sunday 11 December 2005 3:27 pm, Jaime Santos wrote:
>
>
>>Hi again,
>>
>>If someone is using a script to probe port 22 of random machines,
>>probably it does make sense to attach the ssh server
>>to some other port. But your users will have to be warned that they have
>>to explicitly name such a port when trying to
>>login remotely. Furthermore, a nmap search for open ports can always
>>reveal the services which are available, but this
>>is a directed attack. Given the nuisance (such strategy is essentially
>>security via obscurity), I think it isn't worth doing it.
>>
>>
>>
>
> Yes, the script kiddies are a nuisance. I use login_sentry to send
>them on their way (it adds their IP address to hosts.deny).
>
> http://www.lumiere.net/~j/login_sentry/
>
> Scott
>
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]