similar to: Securing SSH wiki article outdated

Displaying 20 results from an estimated 6000 matches similar to: "Securing SSH wiki article outdated"

2015 Feb 13
5
Securing SSH wiki article outdated
On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote: > On 02/13/2015 09:15 AM, Chris Adams wrote: > > Yeah, the old "move stuff to alternate ports" thing is largely a waste > > of time and just makes it more difficult for legitimate use. With > > large bot networks and tools like zmap, finding services on alternate > > ports is not that hard for the
2015 Feb 13
1
Securing SSH wiki article outdated
> On 12/02/15 20:03, Warren Young wrote: > > Hi, just a quick note to whoever is maintaining this page: > > > > http://wiki.centos.org/HowTos/Network/SecuringSSH > > > > The procedure is missing the firewall-cmd calls necessary in EL7: > > > > firewall-cmd --add-port 2345/tcp > > firewall-cmd --add-port 2345/tcp --permanent > > This
2015 Feb 13
0
Securing SSH wiki article outdated
On 02/13/2015 05:41 AM, James Hogarth wrote: > This is horrible advice anyway. It's not a good idea to run SSH on a port > greater than 1024 since if a crash exploit is used to kill the process a > non-root trojan process faking SSH to gather credentials could then bind on > that port trivially totally compromising the system. This is where an SELinux policy on your server can
2015 Feb 13
0
Securing SSH wiki article outdated
On Fri, February 13, 2015 9:05 am, Always Learning wrote: > > On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote: > >> On 02/13/2015 09:15 AM, Chris Adams wrote: >> > Yeah, the old "move stuff to alternate ports" thing is largely a waste >> > of time and just makes it more difficult for legitimate use. With >> > large bot networks and tools like
2015 Feb 13
0
Securing SSH wiki article outdated
On 02/13/2015 09:15 AM, Chris Adams wrote: > Yeah, the old "move stuff to alternate ports" thing is largely a waste > of time and just makes it more difficult for legitimate use. With > large bot networks and tools like zmap, finding services on alternate > ports is not that hard for the "bad guys". Having SSH on 22 is lower-hanging fruit than having SSH on a
2015 Feb 13
0
Securing SSH wiki article outdated
Always Learning wrote: > > On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote: > >> On 02/13/2015 09:15 AM, Chris Adams wrote: >> > Yeah, the old "move stuff to alternate ports" thing is largely a waste >> > of time and just makes it more difficult for legitimate use. With >> > large bot networks and tools like zmap, finding services on
2017 Nov 27
6
Failed attempts
Pete Biggs wrote: > On Mon, 2017-11-27 at 12:10 -0500, Jerry Geis wrote: >> hi All, >> >> I happened to login to one of my servers today and saw 96000 failed >> login attempts. shown below is the address its coming from. I added it to my >> firewall to drop. >> >> Failed password for root from 123.183.209.135 port 14299 ssh2 >> >> FYI -
2015 Feb 13
0
[CentOS] Securing SSH wiki article outdated
On 12/02/15 20:03, Warren Young wrote: > Hi, just a quick note to whoever is maintaining this page: > > http://wiki.centos.org/HowTos/Network/SecuringSSH > > The procedure is missing the firewall-cmd calls necessary in EL7: > > firewall-cmd --add-port 2345/tcp > firewall-cmd --add-port 2345/tcp --permanent > > Also, it may be worth mentioning that semanage
2015 Feb 13
0
Securing SSH wiki article outdated
On 12/02/15 20:03, Warren Young wrote: > Hi, just a quick note to whoever is maintaining this page: > > http://wiki.centos.org/HowTos/Network/SecuringSSH > > The procedure is missing the firewall-cmd calls necessary in EL7: > > firewall-cmd --add-port 2345/tcp > firewall-cmd --add-port 2345/tcp --permanent > > Also, it may be worth mentioning that semanage
2014 Oct 02
3
Securing SSH --> Change ports
In there you are almost telling people that security through obscurity is a good way. That might sometimes be true but in this case it could mean that you would be handing passwords and other data out. When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do
2015 Feb 14
1
Securing SSH wiki article outdated
On Fri, Feb 13, 2015 at 7:12 AM, Lamar Owen <lowen at pari.edu> wrote: > On 02/13/2015 05:41 AM, James Hogarth wrote: > > This is also why the Orange Book and its Rainbow kin exist (Orange Book = > 5200.28-STD, aka DoD Trusted Computer System Evaluation Criteria). > Should anyone care to learn from the Rainbow Books, they are available from the United States of America (USA)
2019 Apr 24
3
firewalld configuration for securing SSH
HI all, 1st time contributor here. I was using the guide on securing SSH, and noticed that the firewall-cmd snippets for filtering by requests per time seem somewhat outdated. From what I can tell the given snippets, relay arguments directly down to iptables, and do not cover both IPv4 and v6. (and in fact when attempting to extend to v6 the firewall would fail to reload). I came up with an
2019 Apr 26
2
firewalld configuration for securing SSH
Thank you, I've gone in and made the listed changes changed firewalld sections to use services instead of just port numbers. -- Kimee On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote: > On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model > <kimee.i.model at gmail.com> wrote: > > > > HI all, > > > > 1st time contributor here. I was using the
2013 Mar 07
1
Fwd: mistake on Securing SSH
This was sent to me regarding the wiki. ---------- Forwarded message ---------- From: "Martin Kon??ek" <mkonicek12 at gmail.com> Date: Mar 7, 2013 4:44 AM Subject: mistake on Securing SSH To: <timothy.ty.lee at gmail.com> Cc: Hi TImothy, I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is pretty good, but there is a mistake. *Instead of having* iptables
2019 Apr 26
2
firewalld configuration for securing SSH
I'm not sure I follow, you just think the modified one should be called "ssh-custom", or you think there shouldn't be a modified service file at all? -- Kimee On Fri, 2019-04-26 at 19:46 +0200, Thibaut Perrin wrote: > Hi there, > > Wouldn't that be a better solution to create a custom xml file to put > in /etc/firewalld and load that "ssh-custom"
2007 Nov 24
1
Traduccion de Securing SSH
Hola lista he estado trabajando el la traducci?n de la pagina de la wiki http://wiki.centos.org/HowTos/Network/SecuringSSH pues estuve hablando con Alain Reguera y me dijo que pusiera las traducciones que hiciera ac? para que lo revisaran, bueno no se como funciona bien esta lista pero ah? les mando la traducci?n para que la revisen y me den sus opiniones y despu?s me digan como hago para ponerla
2019 Apr 30
2
firewalld configuration for securing SSH
Ah. I understand now. I was considering roughly the same, but wasn't sure whether that or rich rules was preferable. -- Kimee On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote: > No, I think the rules you created might have a better place in a > custom xml file instead of being given to firewall cmd directly :) > > On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model
2012 Apr 26
1
Heatmap fidelity
I'm having a problem when using heatmap. Even though the diagonal of my matrix is all the same value, the diagonal of my heatmap is not all the same color. Any suggestions? Here is some reproducible code: ######################################### # Get data nba <- read.csv("http://datasets.flowingdata.com/ppg2008.csv", sep=",") # Reorder nba <-
2012 Jul 06
2
Error in plot.new() : figure margins too large
Hello All, I am running the following code in RStudio, and I keep on getting an error message that says: "Error in plot.new() : figure margins too large" Is there something that I am doing wrong? # Import Data nba <- read.csv("http://datasets.flowingdata.com/ppg2008.csv", sep=",") nba #Sort Data (sorting by Points, but could be sorting by any other variable)
2017 Nov 28
4
Failed attempts
On Tue, November 28, 2017 9:21 am, Lamar Owen wrote: > On 11/27/2017 02:02 PM, m.roth at 5-cent.us wrote: >> Pete Biggs wrote: >>> - don't run ssh on 22, use a different port. >> I consider that pointless security-through-obscurity. > Security through obscurity it may be, but it isn't pointless. Tarpits are in a similar class; they don't help with security