[Asterisk-Users] asterisk@home scary log
Steven Critchfield
critch at basesys.com
Thu Feb 10 12:35:51 MST 2005
On Thu, 2005-02-10 at 09:57 -0700, Colin Anderson wrote:
> Thanks, everyone, for the excellent suggestions.
>
> For posterity and for future reference when this thread comes up again,
> summarizing the best way(s) to defend against SSH logon attempts:
>
> 1. Don't allow root thru SSH or Telnet, force logon as regular user and sudo
> 2. If you must run SSH or Telnet, run it on a non-obvious port > 1024
Actually, don't EVER run telnet. What protection do you think you would
get if someone sniffed the traffic in the area? They would still get
your passwords and the ports to use them on.
I have logged into a hackers accounts from using a sniffed log file they
left around. They knew how to hack in, but not secure themselves. I took
over their ftp site and the yahoo account they coordinated some of the
attacks from since the username and passwords where the same as the ftp
account.
Thats why you are always told to use different passwords. Nothing like
having one account compromised and then all accounts fall immediately
afterwords. Or being in a race to change your passwords before the
attacker gets to those accounts to own them.
--
Steven Critchfield <critch at basesys.com>
More information about the asterisk-users
mailing list