Hack and crack proof SSH on Linux

User Rating: / 15
PoorBest 

by David M Williams

Friday, 03 August 2007

Page 3 of 3 sshblack You might prefer not to edit the iptables rules yourself. Or, you may want rules which exercise more intelligence so that genuine users, albeit absent-minded, aren’t locked out. Related stories Dell records boom growth in Asia Pac and Japan Broadcom backs 60GHz ultra broadband networking group Microsoft investment shows all is not well at Novell Google Gears up Safari support How Windows Vista is turning people to Linux In this case, sshblack is a freely-downloaded Perl script that eases the burden. It actively monitors log files for any concerning activity and reacts to aggressive attacks by adding their IP address to a blacklist. Any host attempting a connection which is found in the blacklist is prevented from making an SSH connection. After a period of time, the host is removed from the blacklist. The script can send e-mail notices keeping you aware of any possible concerns. The downsides to sshblack are that it hasn’t been updated since 2006, and also that it works by parsing log files. This means it doesn’t necessarily react instantaneously to cracking attempts depending on the processor’s load. DenyHosts We've saved the best to last. Now you know the problem and approaches to solving it, there’s another terrific option, the SourceForge project called DenyHosts, written in Python. Like all the above, the fundamental purpose is to thwart SSH attacks by blocking IP addresses which appear to be engaging in malicious behaviour. Where DenyHosts differs is that it isn’t running in isolation. The above solutions will reject hosts after they’ve already made failed attempts on your computer; by contrast DenyHosts uses a communal database to proactively protect your system. You need not even suffer one connection attempt by a host which has been detected as hostile by others. DenyHosts is a snap to set up. Just install the RPM or unpack the tarball – both available for free download from SourceForge. Out of all the methods surveyed here, DenyHosts is the slickest and most elegant. Its one catch is that it is tied to the version of Python installed. This means you need to exercise caution whenever upgrading Python. Alternatively, you can install multiple versions of Python in different directories. It’s not uncommon to have crackers survey your system. Sadly, it’s also not uncommon for people to overlook security options. The above techniques can make the difference on your computer and bolster your security and peace of mind. Please enable JavaScript in your browser to post your comment! Tags See All Tags David M Williams  Linux  Open Source  Security  Software  Get stories like this delivered daily - FREE - subscribe now << First page <   1 2 3 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >