break-in attempt in my machine

Kevin O'Gorman kogorman at gmail.com
Sun Aug 28 04:10:47 UTC 2016 

I've had the similar experience with port 22.  When I had it open, I was
deluged with login attempts.  I switched to another port, not even a very
random one, and it went down to zero.  And stayed there.  Now it's more
random, and NO password gets you in without my having your public key, and
I only take keys from my own machines, so that's never going to be the main
attack vector.

Nevertheless, I'm gonna read Karl's blog, and maybe tighten it up some
more.  Portknocking?  sshguard?  We'll see.

On Sat, Aug 27, 2016 at 6:39 PM, Karl Auer <kauer at biplane.com.au> wrote:

> On Sat, 2016-08-27 at 21:58 +1000, Karl Auer wrote:
> > Having ssh open to the world is better than having most other things
> > open to the world. but there are quite a few things you can do to
> > make a successful attack less likely. In order of goodness:
>
> Here's a blog entry with more specifics on how do do the things I
> suggested:
>
> http://biplane.com.au/blog/?p=426
>
> Thanks Jonesy for the sshguard suggestion. Looks quite a bit simpler
> than fail2ban.
>
> By the way, anyone that has ssh access open to the world MUST take
> extra precautions. At an absolute minimum, any account that can log in
> via ssh MUST have a VERY GOOD PASSWORD - twenty or thirty random
> characters including numbers, punctuation and both cases. Otherwise you
> WILL get hacked. But it would be a much better idea to read the above
> blog entry and implement the first few ideas at least.
>
> Regards, K.
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Karl Auer (kauer at biplane.com.au)
> http://www.biplane.com.au/kauer
> http://twitter.com/kauer389
>
> GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B
> Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4
>
>
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/ubuntu-users
>



-- 
Kevin O'Gorman
#define QUESTION ((bb) || (!bb))   /* Shakespeare */

Please consider the environment before printing this email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20160827/49933a21/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 441 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20160827/49933a21/attachment.gif>

More information about the ubuntu-users mailing list