Server Security – Passwordless Remote Login
Based on some recent experience: never allow remote login by password. There are two things you should apply to your ssh server: implement RSA key login, and implement fail2ban. Fail2ban modifies iptables (the firewall) to block the IP address of offending connection attempts. It does so for your Apache, ssh, ftp and other servers. It is a separate program, not a wrapper, and it monitors log files for login attempts. You set the maximum login attempts (failures) in the jail.conf file in /etc/fail2ban. The combination of RSA keys and fail2ban will ensure a secure and accessible system, which is a must if the system is to be open to outside internet connections.
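As an added example (not part of the original post), the POSIX shell script below audits the two settings the post recommends: it checks whether an sshd_config actually disables password login while keeping public-key login enabled, and reads the maxretry that a fail2ban jail file gives the sshd jail. The file contents are constructed here and written to a temporary directory; on a real system the paths would be /etc/ssh/sshd_config and /etc/fail2ban/jail.local (fail2ban reads jail.local as an override on top of jail.conf, so local changes usually go there). The parsing is deliberately simple: sshd honours the first occurrence of a keyword, and this script does not handle Match blocks or the Keyword=value form.

```shell
#!/bin/sh
# Added example, not from the original post: audit an sshd_config for
# key-only login and read the fail2ban maxretry for the sshd jail.
# Sample file contents below are constructed; real paths would be
# /etc/ssh/sshd_config and /etc/fail2ban/jail.local.

# Print the effective value of an sshd_config keyword, lower-cased, or "unset".
# sshd uses the FIRST uncommented occurrence of a keyword, hence head -n1.
# Simplification: Match blocks and the "Keyword=value" form are not handled.
sshd_value() {
    # $1 = config file, $2 = keyword (matched case-insensitively)
    val=$(grep -i "^[[:space:]]*$2[[:space:]]" "$1" | head -n1 | awk '{ print tolower($2) }')
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf 'unset\n'; fi
}

# Return 0 only if password logins are off and public-key logins are on.
# PasswordAuthentication defaults to yes, so "unset" counts as weak.
# With PAM, ChallengeResponseAuthentication yes still lets a password be
# typed through keyboard-interactive, so it must be off as well.
# PubkeyAuthentication defaults to yes, so "unset" is acceptable there.
check_key_only_login() {
    pa=$(sshd_value "$1" PasswordAuthentication)
    cr=$(sshd_value "$1" ChallengeResponseAuthentication)
    pk=$(sshd_value "$1" PubkeyAuthentication)
    [ "$pa" = "no" ] && [ "$cr" = "no" ] && { [ "$pk" = "yes" ] || [ "$pk" = "unset" ]; }
}

# Print maxretry for a fail2ban jail: the jail's own value if set,
# otherwise the [DEFAULT] value, otherwise "unset".
jail_maxretry() {
    # $1 = jail file, $2 = jail section name
    awk -v jail="$2" '
        /^[[:space:]]*\[/ { sec = $0; gsub(/\[|\]|[[:space:]]/, "", sec); next }
        /^[[:space:]]*maxretry[[:space:]]*=/ {
            split($0, kv, "="); gsub(/[[:space:]]/, "", kv[2])
            if (sec == jail) j = kv[2]; else if (sec == "DEFAULT") d = kv[2]
        }
        END { if (j != "") print j; else if (d != "") print d; else print "unset" }
    ' "$1"
}

# --- constructed sample files (weak and hardened sshd_config, a jail.local) ---
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
WEAK_SSHD="$SAMPLE_DIR/sshd_config.weak"
HARD_SSHD="$SAMPLE_DIR/sshd_config.hardened"
JAIL="$SAMPLE_DIR/jail.local"

cat > "$WEAK_SSHD" <<'EOF'
# Distribution-style default: the commented keyword leaves password login ON
Port 22
#PasswordAuthentication yes
PermitRootLogin yes
EOF

cat > "$HARD_SSHD" <<'EOF'
# Key-only login as the post recommends
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin no
EOF

cat > "$JAIL" <<'EOF'
[DEFAULT]
bantime  = 600
findtime = 600
maxretry = 5

[sshd]
enabled  = true
port     = ssh
maxretry = 3

[apache-auth]
enabled = true
EOF

# Stand-alone report
for f in "$WEAK_SSHD" "$HARD_SSHD"; do
    if check_key_only_login "$f"; then
        echo "OK    $f: password login disabled, key login enabled"
    else
        echo "WEAK  $f: password login still possible"
    fi
done
echo "fail2ban maxretry for sshd: $(jail_maxretry "$JAIL" sshd)"
```

Running it prints WEAK for the first sample (a commented-out keyword just means the default, which is to accept passwords) and OK for the second, then reports a maxretry of 3 for the sshd jail, while jails without their own value inherit 5 from [DEFAULT].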
Fstab – Manual Mounting and Udev Auto
March 7, 2010 - 9:26 am
Tags: automount, cd iso, fstab, iso, iso images, linux distributions, samba shares, System, udev
Posted in fstab, mount, udev | No comments
Modern Linux distributions use udev, which automounts partitions on the system. This is most notably seen with USB devices, which are the predominant hot-swappable media. Internal hard drives, particularly drives used to boot the system, have their mount points defined in the fstab file. Fstab is automatically generated during the Debian/Ubuntu installation [...]
SSH – Gateway Ports and Forward Reverse Tunnels
February 27, 2010 - 9:42 am
Tags: client, client location, connection, encrypted connection, gateway, gateway ports, option, ssh, ssh connection, ssh connections
Posted in .forward, client, gateway, host, port, reverse, ssh, tunnel | No comments
SSH can create forward and reverse tunnels to transmit port data through the encrypted connection. You can create forward tunnels that link the local port of the client machine to the remote port on the server. You can create reverse tunnels that link the remote ports of the server to the local ports on the [...]
SSH X Forwarding with Compression
February 13, 2010 - 4:39 pm
Tags: c option, Compression, compression quality, connection, internet, slow internet connection, slow internet connections, ssh, ssh sessions, xtightvncviewer
Posted in Compression, quality, speed, ssh, xtightvncviewer | No comments
If you plan to forward X applications via ssh and are using a very slow internet connection, you should definitely use compression. The “-C” option enables compression and will substantially increase the effective data transfer rate on internet connections of 100 Kb/s or less. Also, for vnc connections, if you are using xtightvncviewer you can effectively [...]
Sendmail – Critical to Receive System Alerts
February 10, 2010 - 9:02 am
Tags: default sendmail, email, external mail server, forward works, local ip, mail, relay mail, Sendmail, System, user
Posted in .forward, Sendmail, access, alert, aliases, home, user | No comments
The core of Linux is designed to mail various system alerts to, at minimum, the root user. With sendmail installed these alerts are delivered to the respective user's mailbox. If you have an external mail server, you can configure your local user mail to be forwarded to any email address. The easiest method [...]
SSH Login Timeout – Password Authentication
February 6, 2010 - 9:42 am
Tags: automatic mechanisms, brute force, dictionary, force, legitimate user, login, ssh, timeout, timeouts, user
Posted in brute, force, login, ssh, timeout | 1 comment
SSH login timeouts are not very effective at preventing unauthorized login attempts. Most ssh attacks are scripted attacks launched by automated mechanisms. The scripts most likely use dictionary-based brute force that submits passwords very quickly. Setting the login timeout very low will most likely not prevent such scripted attacks, and will [...]
Sshd_config Settings Rundown
February 3, 2010 - 12:38 pm
Tags: change, internet, login, login attempts, password, port, port 22, pound symbol, root login, ssh login
Posted in iptables, login, root, rsa, setting, sshd, tcp | No comments
First, change the port you are using. Do not use port 22 on servers that have internet connectivity. This is the first port that will be checked by countless robots scanning the internet for vulnerabilities. Change the port to whatever you like, and then use the -p option in your ssh login attempt. Then make [...]
Auth.log in Debian Systems
February 2, 2010 - 12:13 pm
Tags: auth, connection, connection attempts, cron, crontab command, force, mail servers, root mail, security countermeasures, ssh
Posted in auth, cron, crontab, debian, log, ssh | No comments
Your auth.log file is the first step in determining whether an intrusion is being attempted, or has occurred. It logs all ssh connection attempts, cron jobs, and su calls. If an ssh brute force attack is occurring you will see countless failed ssh login attempts. Most likely various usernames will be attempted. You [...]
Detecting a Security Breach – Ubuntu and Linux Machine
January 25, 2010 - 12:46 pm
Tags: active processes, attempt, linux machine, login, login attempts, machine, password, root, security breech, ssh access
Posted in access, backup, breech, detect, linux, login, root, security, ubuntu | 2 comments
Detecting a security breach is sometimes as easy as logging into the machine using ssh and viewing the last login attempt from a completely unrecognized IP address or domain. Subsequently check your auth.log file, in /var/log, for login attempts. If you see countless failed login attempts you have been the victim of a brute force [...]
Secure Remote Connections – Tech Support
January 23, 2010 - 4:58 pm
Tags: default location, file, key file, login, new id, password, rsa, security breach, ssh, ssh connection
Posted in key, remote, rsa, secure, ssh | No comments
If you are going to be providing technical support, to be professional you should implement a secure ssh connection. There is no excuse for potentially giving terminal access to a password snooper. With ssh the terminal commands themselves are encrypted, so disabling password login truly minimizes the risk of a security breach. Using an RSA key [...]
VBoxTool – An Incredibly Useful Script
January 8, 2010 - 2:27 pm
Tags: Bash, Boot, boot process, constructs, cron jobs, intervals, Mark Baaijens, script, System, VBoxTool, virtual machines
Posted in Bash, Boot, Mark Baaijens, VBoxTool, script | No comments
Bash scripting is straightforward. There are logical and object-oriented constructs as in other programming languages, and you are basically manipulating data contained in files and using standard output to decide which tasks to perform. VBoxTool does what VBoxManage lacks. I wonder how corporations start virtual machines on boot and manage their machines once the system [...]