Muffinresearch Labs by Stuart Colville

Suspect SSH activity in server logs | Comments (0)

Posted in Linux/Unix on 31st August 2004, 7:40 pm by Stuart

Having seen a load of failed attempted SSH logins for the Linux boxes I look after, I have locked down what IP addresses SSHD accepts using iptables.

The failed attempts are trying to log in using GUEST/GUEST, ADMIN/ADMIN and other various combinations with no password. It seems like these are pretty lightweight attempts, but unless you have a reason to do otherwise, locking down access to SSH is probably a good idea!

Here’s how to do this with iptables:

-A RH-Lokkit-0-50-INPUT -s xxx.xxx.xxx.xxx -p tcp --dport 22 -j ACCEPT

Replace xxx.xxx.xxx.xxx with the IP address of the box you wish to allow to connect to the server you are securing.

Post Tools

Comments: Add yours







XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



Using Loggerhead with mod_wsgi|(0)

Here’s a post I wrote over on the Project Fondue Blog about our use of Loggerhead with mod_wsgi under Apache. Loggerhead is the rather nice branch viewer for bazaar branches as used on Launchpad.net.

If you’re not already subscribed to the Project Fondue blog feed then I can recommend it, as there should be some interesting posts coming out of there in the coming months (yes I’m unashamedly biased!).

Ubuntu: Turn off changing workspace with mouse wheel|(1)

I found the changing with the workspace with the mouse wheel really annoying. To disable it go to System => Preferences => CompizConfig (available if the compizconfig-settings-manager package is installed) and uncheck “Viewport Switcher” which is under the “Desktop” heading.

Photos on Flickr

© Copyright 2004-10 Stuart Colville, all rights reserved. May contain traces of Muffin. Powered by WordPress. Hosting by Slicehost.com This page was baked in 0.564s.