SSH hacked?
Smoot Carl-Mitchell
smoot at tic.com
Tue Jan 13 15:56:30 UTC 2009
On Tue, 2009-01-13 at 05:51 -0800, Steve Lamb wrote:
> Bart Silverstrim wrote:
> > If you want REALLY secure, you need to do things like...
>
> Install knockd. SSH is a whole lot harder to hack if it doesn't answer
> until needed. Strong passwords, weak passwords, lots of users, very few
> users, all doesn't matter when 22 just does not answer. I had accounts
> breached on two different machines in less than a month. Installed knockd and
> the only time sshd shows up in the logs is when it is coming from the very few
> people who are authorized to touch the machine.
Interesting daemon. For the truly paranoid, you can also look at these
one-time password methods:
http://en.wikipedia.org/wiki/One-time_password
I believe SSH supports all of the above methods.
--
Smoot Carl-Mitchell
Computer Systems and
Network Consultant
smoot at tic.com
+1 480 922 7313
cell: +1 602 421 9005
More information about the ubuntu-users
mailing list