No. 1 Story

HP job cuts loom for Australian employees

A number of Australian employees of Hewlett-Packard are facing the loss of their jobs as the global computer giant looks to slash its worldwide workforce by up to 30,000.

read more

Related Articles

Hack, and, crack, proof, SSH, Linux
Linux to dominate Australia through T-Box and Android
In only a couple of years, millions of Australians will directly be using the...
Read More

More From

Popular Threads

Hack and crack proof SSH on Linux

David M Williams
Thursday, 02 August 2007 18:43

Business IT - Open Source

View Comments
Page 3 of 3
sshblack

You might prefer not to edit the iptables rules yourself. Or, you may want rules which exercise more intelligence so that genuine users, albeit absent-minded, aren’t locked out.

In this case, sshblack is a freely-downloaded Perl script that eases the burden. It actively monitors log files for any concerning activity and reacts to aggressive attacks by adding their IP address to a blacklist. Any host attempting a connection which is found in the blacklist is prevented from making an SSH connection. After a period of time, the host is removed from the blacklist. The script can send e-mail notices keeping you aware of any possible concerns.

The downsides to sshblack are that it hasn’t been updated since 2006, and also that it works by parsing log files. This means it doesn’t necessarily react instantaneously to cracking attempts depending on the processor’s load.

DenyHosts

We've saved the best to last. Now you know the problem and approaches to solving it, there’s another terrific option, the SourceForge project called DenyHosts, written in Python. Like all the above, the fundamental purpose is to thwart SSH attacks by blocking IP addresses which appear to be engaging in malicious behaviour. Where DenyHosts differs is that it isn’t running in isolation. The above solutions will reject hosts after they’ve already made failed attempts on your computer; by contrast DenyHosts uses a communal database to proactively protect your system. You need not even suffer one connection attempt by a host which has been detected as hostile by others.

DenyHosts is a snap to set up. Just install the RPM or unpack the tarball – both available for free download from SourceForge. Out of all the methods surveyed here, DenyHosts is the slickest and most elegant. Its one catch is that it is tied to the version of Python installed. This means you need to exercise caution whenever upgrading Python. Alternatively, you can install multiple versions of Python in different directories.

It’s not uncommon to have crackers survey your system. Sadly, it’s also not uncommon for people to overlook security options. The above techniques can make the difference on your computer and bolster your security and peace of mind.


Start 1 2 3 Next 

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases