If you ever look at you security logs and found something like
sshd[18561]: Failed password for invalid user nagios from 69.197.163.178 port 47771 ssh2
This a brute force attack to you server, yes there are some people with scripts that can be found on the net, that just try to login to you sever using a dictionary of common used users and password, so how do we avoid this, you can install denyhosts script you can download it from http://denyhosts.sourceforge.net/ or if using Fedora just do yum install denyhosts
After installation remember to set it up to start and set it to start on the next boot.
Fedora
service denyhosts start
and
chkconfig denyhosts on
How it works, it read the secure logs of your sever and watch for the host attacking your system, and the user, then it update the info on the /etc/hosts.deny file on your system so the services will not respond to this host attack again.
How ever there are more options to secure your sever using this script, for those please read
This is cool right. Enjoy.
1 comment:
thx worked on my ubuntu server.
Post a Comment