SSH hacked?
NoOp
glgxg at sbcglobal.net
Wed Jan 14 00:56:33 UTC 2009
On 01/13/2009 07:56 AM, Smoot Carl-Mitchell wrote:
> On Tue, 2009-01-13 at 05:51 -0800, Steve Lamb wrote:
>> Bart Silverstrim wrote:
>> > If you want REALLY secure, you need to do things like...
>>
>> Install knockd. SSH is a whole lot harder to hack if it doesn't answer
>> until needed. Strong passwords, weak passwords, lots of users, very few
>> users, all doesn't matter when 22 just does not answer. I had accounts
>> breached on two different machines in less than a month. Installed knockd and
>> the only time sshd shows up in the logs is when it is coming from the very few
>> people who are authorized to touch the machine.
>
> Interesting daemon. For the truly paranoid, you can also look at these
> one-time password methods:
>
> http://en.wikipedia.org/wiki/One-time_password
>
> I believe SSH supports all of the above methods.
You might find this of interest:
http://www.portknocking.org/
http://www.portknocking.org/view/implementations
More information about the ubuntu-users
mailing list