<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 3.8.2013 11:17, Nick wrote:<br>
</div>
<blockquote cite="mid:20130803081737.GA2317@manta.lan" type="cite">
<pre wrap="">Quoth Bryan Carey:
</pre>
<blockquote type="cite">
<pre wrap="">Thanks everyone for your input! I already had root access disabled via sshd
config. I will look into fail2ban as it sounds like it remedies the problem
I'm having.
</pre>
</blockquote>
<pre wrap="">
Changing the port sshd runs on has a suprisingly large impact on
reducing the number of these attacks, too. Of course it's only
security by obscurity, but for the zombie attacks you're describing
it's quite effective.
_______________________________________________
tor-relays mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>
</pre>
</blockquote>
I would also recommend using a key file for SSH authentication and
disable password authentication. This way it's pretty much
impossible for the attacker to gain access using SSH.<br>
<br>
quote from archlinux wiki:<br>
<p style="margin: 0.4em 0px 0.5em; line-height: 19.046875px; color:
rgb(0, 0, 0); font-family: sans-serif; font-size: 13px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: auto; text-align: start;
text-indent: 0px; text-transform: none; white-space: normal;
widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255);"><big>SSH keys serve as a
means of identifying yourself to an SSH server using<span
class="Apple-converted-space"> </span><a
href="http://en.wikipedia.org/wiki/Public-key_cryptography"
class="extiw" title="wikipedia:Public-key cryptography"
style="text-decoration: none; color: rgb(51, 102, 187);
background-image: none; outline: none; font-weight: bold;
background-position: initial initial; background-repeat:
initial initial;">public-key cryptography</a><span
class="Apple-converted-space"> </span>and<span
class="Apple-converted-space"> </span><a
href="http://en.wikipedia.org/wiki/Challenge-response_authentication"
class="extiw" title="wikipedia:Challenge-response
authentication" style="text-decoration: none; color: rgb(51,
102, 187); background-image: none; outline: none; font-weight:
bold; background-position: initial initial; background-repeat:
initial initial;">challenge-response authentication</a>. One
immediate advantage this method has over traditional password
authentication is that you can be authenticated by the server
without ever having to send your password over the network.
Anyone eavesdropping on your connection will not be able to
intercept and crack your password because it is never actually
transmitted. Additionally, using SSH keys for authentication
virtually eliminates the risk posed by brute-force password
attacks by drastically reducing the chances of the attacker
correctly guessing the proper credentials.</big></p>
<p style="margin: 0.4em 0px 0.5em; line-height: 19.046875px; color:
rgb(0, 0, 0); font-family: sans-serif; font-size: 13px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: auto; text-align: start;
text-indent: 0px; text-transform: none; white-space: normal;
widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255);"><big>As well as offering
additional security, SSH key authentication can be more
convenient than the more traditional password authentication.
When used with a program known as an SSH agent, SSH keys can
allow you to connect to a server, or multiple servers, without
having to remember or enter your password for each system.</big></p>
<p style="margin: 0.4em 0px 0.5em; line-height: 19.046875px; color:
rgb(0, 0, 0); font-family: sans-serif; font-size: 13px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: auto; text-align: start;
text-indent: 0px; text-transform: none; white-space: normal;
widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255);"><big>SSH keys are not
without their drawbacks and may not be appropriate for all
environments, but in many circumstances they can offer some
strong advantages. A general understanding of how SSH keys work
will help you decide how and when to use them to meet your
needs. This article assumes you already have a basic
understanding of the<span class="Apple-converted-space"> </span><a
href="https://wiki.archlinux.org/index.php/Secure_Shell"
title="Secure Shell" style="text-decoration: none; color:
rgb(102, 102, 102); background-image: none; outline: none;
font-weight: bold; background-position: initial initial;
background-repeat: initial initial;">Secure Shell</a><span
class="Apple-converted-space"> </span>protocol and have
installed the<span class="Apple-converted-space"> </span><span
style="font-family: monospace;"><a rel="nofollow"
class="external text"
href="https://www.archlinux.org/packages/?name=openssh"
style="text-decoration: none; color: rgb(102, 102, 102);
background-image: none; outline: none; padding: 0px;
font-weight: bold; background-position: initial initial;
background-repeat: initial initial;">openssh</a></span><span
class="Apple-converted-space"> </span>package, available in
the<span class="Apple-converted-space"> </span><a
href="https://wiki.archlinux.org/index.php/Official_Repositories"
title="Official Repositories" style="text-decoration: none;
color: rgb(102, 102, 102); background-image: none; outline:
none; font-weight: bold; background-position: initial initial;
background-repeat: initial initial;">Official Repositories</a>.</big></p>
<br>
</body>
</html>