SSH Login Timeout – Password Authentication
SSH login timeouts are not very effective at preventing unauthorized login attempts. Most ssh attacks are scripted attached launched by automatic mechanisms. The scripts most likely will use dictionary based brute force attacks that insert the password very quickly. Setting the login timeout very low will most likely not prevent such scripted attacks, and will only hinder the ability for a legitimate user to login successfully within the allocated amount of time. Set the login timeout to 60 seconds; I have set it to 5 seconds and it only caused problems for actual user logins.
Tags: automatic mechanisms, brute force, dictionary, force, legitimate user, login, ssh, timeout, timeouts, user
No trackbacks yet.
VirtualBox Manager – An Android IT Solution
May 16, 2010 - 7:50 am
Tags: activity, button, code, date entry, dialog, host, host activity, host button, numerical entry, password dialog, port dialog, screen, table rows, user
Posted in Android, Manager, it, jsch, ssh, virtualbox | 4 comments
Published late last night to the Android Marketplace, VirtualBox Manage is making nice progress. Yesterday I put substantial time and effort into the user interface. Particular the onscreen keyboards, and password entry screen. When the main dialogs appear, prompting for user input, the keyboard views are automatically expanded. In the port dialog a telephone keyboard/numerical [...]
Jsch on Android
May 9, 2010 - 9:07 am
Tags: correct syntax, dependency, device, internal storage, jsch, password, ssh, ssh command, ssh connections, storage location
Posted in Android, java, jsch, password, rsa, ssh | No comments
Jsch works on android. With the only dependency, jzlib, satisfied the java based implementation of ssh is beginning to code relatively straight forward. After many days of trial and error the correct syntax to the commands, and the methods of particular classes are beginning to make sense. Password login is relatively straight forward, and with [...]
Partiton Full? Move your Stuff Somewhere Else
March 6, 2010 - 11:35 am
Tags: backup, backup directory, dev, excess space, hda, hda1, hda2, home, storage, symbolic link, user
Posted in cp, ln, partition, rm, symbolic | No comments
If you run out of space on a particular partition, but you have excess space on another partition you can relocate your data. Lets say you have 100 Megabytes left on /dev/hda1 but your have 10 gigs left on /dev/hda2. Lets say you have a folder on /dev/hda1 /home/user/backup that is over 2 gigs. Lets [...]
SSH – Gateway Ports and Forward Reverse Tunnels
February 27, 2010 - 9:42 am
Tags: client, client location, connection, encrypted connection, gateway, gateway ports, option, ssh, ssh connection, ssh connections
Posted in .forward, client, gateway, host, port, reverse, ssh, tunnel | No comments
SSH can create forward and reverse tunnels to transmit port data through the encrypted connection. You can create forward tunnels that link the local port of the client machine to the remote port on the server. You can create reverse tunnels that link the remote ports of the server to the local ports on the [...]
Virus Detected Notification – Suppress Clamav-Milter Messages
February 15, 2010 - 9:12 am
Tags: Clamav-milter, linux machine, milter, postmaster, root, root user, spam folder, user, virus, virus message
Posted in ClamAV, detect, email, milter, notification, virus | 2 comments
Clamav-milter will automatically mail the root user and/or the postmaster in the event that a virus message has been rejected for delivery. To suppress the mailing of these virus found reports open: /etc/default/clamav-milter At the top is the options line. Add to the line: –quiet No more messages and you don’t need to filter the [...]
SSH X Forwarding with Compression
February 13, 2010 - 4:39 pm
Tags: c option, Compression, compression quality, connection, internet, slow internet connection, slow internet connections, ssh, ssh sessions, xtightvncviewer
Posted in Compression, quality, speed, ssh, xtightvncviewer | No comments
If you plan to forward X applications via ssh, and are using a very slow internet connection you should definitely use compression. The “-C” option will use compression and will substantially increase the data transfer rate in 100 Kb/s or less internet connections. Also with vnc connection, if you are using xtightvncviewer you can effectively [...]
Sendmail – Critical to Receive System Alerts
February 10, 2010 - 9:02 am
Tags: default sendmail, email, external mail server, forward works, local ip, mail, relay mail, Sendmail, System, user
Posted in .forward, Sendmail, access, alert, aliases, home, user | No comments
Image via Wikipedia The core of Linux is designed to mail, at minimum, the root user of various system alerts. With sendmail installed these alerts are mailed to the respective user directory. If you have an external mail server you can configure your local user mail to be forwarded to any email address. The easiest [...]
Sshd_config Settings Rundown
February 3, 2010 - 12:38 pm
Tags: change, internet, login, login attempts, password, port, port 22, pound symbol, root login, ssh login
Posted in iptables, login, root, rsa, setting, sshd, tcp | No comments
Image via Wikipedia First change the port you are using. Do not use port 22 on servers that have internet connectivity. This is the first port that will be checked by countless robots searching the internet for vulnerabilities. Change the port to whatever, and then use the -p option in your ssh login attemt. Then [...]
Auth.log in Debian Systems
February 2, 2010 - 12:13 pm
Tags: auth, connection, connection attempts, cron, crontab command, force, mail servers, root mail, security countermeasures, ssh
Posted in auth, cron, crontab, debian, log, ssh | 1 comment
Image via Wikipedia Your auth.log file is the first step in determining of an intrusion is being attempted, or has occured. It logs all ssh connection attempts, cron jobs, and su calls. If an ssh brute force attach is occurring you will see countless failed ssh login attempts. Most likely various usernames will be attempted. [...]
Reasonable Backup Routines – Service and Desktop Integrity
January 27, 2010 - 1:25 pm
Tags: backup, backup drive, caption, cronjob, desktop machine, directory, hardware failure, media directory, rsync, user
Posted in backup, crontab, network, rsync | No comments
You should have backups of all your files all the time. For a desktop machine always have a backup of your entire /home partition. Use a cronjob and rsync. Mount a usb drive to the /media directory. Use a cronjob as follows: 1 1 0 0 0 rsync -r /home/user /media/backup/user The above rsync will [...]
February 12, 2010 - 11:11 pm
You can also use IPtables rules to rate limit access to SSH. I find this very effective for the routine bots that are scanning.