Securing SSH against brute force attacks
Today I was looking at my /var/log/messages file on my home machine and noticed a bunch of attempts to ssh in with a bunch of different names. This is a brute force attack and they are apparently quite common. I have a router forwarding the ssh port 22 to one of my linux boxes so I can connect from other locations.
When I saw these attacks I asked a friend what I can do to increase the security of my ssh to further protect my network. The following or some of his suggestions and some or my experiences with them.
When I saw these attacks I asked a friend what I can do to increase the security of my ssh to further protect my network. The following or some of his suggestions and some or my experiences with them.
* First is to specify the list of users you will allow to ssh into the box in the sshd.conf files
I had a little trouble on SLED finding where in the file to do this. On SLED sshd is set to use PAM for authentication. So I need to figure out how to tell PAM that certain users are not allowed to use ssh.
I had a little trouble on SLED finding where in the file to do this. On SLED sshd is set to use PAM for authentication. So I need to figure out how to tell PAM that certain users are not allowed to use ssh.
* Next, you can setup some iptables rules so that it only allows a certain number of attempts to ssh into the box per minute, this will decrease the script kiddies ect
I just set the MaxAuthTries 6. Hoping that that will do. If I can't get my password in 6 attemts I will have to try again later. I may regret this if it locks me out forever or something like that.
I just set the MaxAuthTries 6. Hoping that that will do. If I can't get my password in 6 attemts I will have to try again later. I may regret this if it locks me out forever or something like that.
a couple articles on the subject...
http://geekpit.blogspot.com/2006/04/five-minutes-to-more-secure-ssh.html
http://geekpit.blogspot.com/2006/04/five-minutes-to-more-secure-ssh.html
0 Comments:
Post a Comment
<< Home