[lance osuosl org: [Hosting] denyhosts recommendation]

Should probably implement something like this
--- Begin Message ---
Last night most of our network were scanned and nearly DoS'd by an ssh
worm and caused many hosts to have their sshd to timeout. I noticed that
none of the OSL managed hosts were affected by the worm and concluded
that most of you aren't running denyhosts [1].

I _highly_ recommend that all of you consider installing denyhosts or
something similar to mitigate the constant ssh worms that roam the
internet. For most situations, simply installing it and starting the
daemon will do the job. It just scans the system ssh log for failed
attempts and adds them to hosts.deny. But I do recommend you at least
check out the config file to see if you want to adjust any settings.

Please let me know if you have any questions! Thanks-

[1] http://denyhosts.sourceforge.net/

Lance Albertson                                    lance <at> osuosl.org
Systems Administrator / Architect                        Open Source Lab
Network Services                                 Oregon State University
Work: 541-737-9975                                   PGP Key: 0x27F4B742
GPG Fingerprint       0423 92F3 544A 1282 5AB1  4D07 416F A15D 27F4 B742

Attachment: signature.asc
Description: OpenPGP digital signature

Hosting mailing list
Hosting osuosl org

--- End Message ---

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]