[Tfug] OT: Reporting Network Abuse?
Matthew Shucker
mshucker at arizona.edu
Sun Jun 24 18:02:08 MST 2007
On 6/24/07, Robert Hunter <hunter at tfug.org> wrote:
>
>
> Define who can and cannot connect to services on your box via
> /etc/hosts.{allow,deny}, and that should prevent those clowns from
> ever getting a login prompt on your box again.
>
When I had the ssh port open on my home network, I noticed that almost all
of those invalid login attempts seemed to be script kiddies in Asia. Since
I wasn't planning on going there, I added this to my /etc/hosts.deny:
sshd: .cn, .cn.net, .cn.com, .jp, .jp.com, .tw
I also used AllowUsers in sshd_config to restrict to my IDs. I don't know
if it many any real difference, but it certainly didn't hurt to lock it down
more.
Matt
More information about the tfug
mailing list