| 1 |
On Mon, Dec 06, 2004 at 11:28:03PM +0200, Adrian CAPDEFIER wrote: |
| 2 |
> Pe data de Luni 06 Decembrie 2004 21:12, Luigi Pinna a scris: |
| 3 |
> > I read now from my logs that there is someone who try to login in my |
| 4 |
> > computer. |
| 5 |
> > He uses always dynamic ip address or in every case he changes his ip |
| 6 |
> > everyday. |
| 7 |
> > What can I do? |
| 8 |
> > I have all the ip but it is first time that I see an attack versus me |
| 9 |
> > Thanks for the tips |
| 10 |
> > Luigi |
| 11 |
> |
| 12 |
> is he doing that using ssh? If your computer is not a public server where |
| 13 |
> people expect to connect on port 22 then you can alter the port to say 2222. |
| 14 |
> One of the best security measures around :). |
| 15 |
|
| 16 |
No! I once worked someplace where a machine was on the net and not |
| 17 |
carefully maintained. ssh was running on a non-standard port, and it |
| 18 |
was rooted via an unpatched hole. |
| 19 |
|
| 20 |
I suggest keeping your machine up to date and pached with the latest |
| 21 |
security fixes, and making sure you have good passwords on your |
| 22 |
accounts. If you offer accounts to any friends named Frank, Joe, or |
| 23 |
Jim, make sure they have good passwords, for those are very guessable |
| 24 |
user names. |
| 25 |
|
| 26 |
I get failed logins most days, but my passwords are pretty |
| 27 |
unguessable. I choose a password by taking 4 bytes from /dev/random |
| 28 |
and run them through mnencode. See a previous posting of mine: |
| 29 |
http://www.redhat.com/archives/redhat-list/2003-March/msg02072.html. |
| 30 |
My technique gives me a very memorable password that still have |
| 31 |
32-bits (4 billion combinations) of entropy in it. |
| 32 |
|
| 33 |
-kb |
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-user@g.o mailing list |
Archives