- To: Rick Welykochy <rick@xxxxxxxxxxxxx>
- Subject: Re: Compromised Linux box stories (Re: [SLUG] upgrading complicated installs
- From: peter@xxxxxxxxxxxxxxxxxx
- Date: Tue, 03 Jun 2008 15:28:07 +1000
- Cc: Dean Hamstead <dean@xxxxxxxxxxxxxxx>, slug@xxxxxxxxxxx
- User-agent: Wanderlust/2.15.6 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.7 MULE XEmacs/21.4 (patch 21) (Educational Television) (i486-linux-gnu)
>>>>> "Rick" == Rick Welykochy <rick@xxxxxxxxxxxxx> writes:
Rick> Dean Hamstead wrote:
>> Denyhosts is a great daemon/cronscript that will manage hosts.allow
>> for your ssh server. you can set thresholds and instant triggers
>> etc which will result in that ip being blocked.
Rick> Also, can't one use a TCP wrapper with ssh? Either way, it does
Rick> compromise one of the beauties of working on the Internet. When
Rick> I head up north for a break, for example, and need to access the
Rick> server, heaven knows what my IP will be when away from home.
Depends how you set it up. Mine has a `three tries and you're out'
policy. And as I use an ssh-agent on my (carry around) laptop,
there's no chance of being locked out accidentally.
Peter C
SLUG Mailing List Archives