--===============1618425340==
Content-Type: multipart/signed; micalg=pgp-ripemd160;
protocol="application/pgp-signature"; boundary="Y+Z5jE7Arku/2GrR"
Content-Disposition: inline
--Y+Z5jE7Arku/2GrR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello,
It's been a while since I last posted a reminder about protecting
against SSH dictionary attacks.
http://lists.bitfolk.com/lurker/message/20100314.085112.f5be7da9.en.html
The problem of course has not gone away and since then there have
been many more compromises that could have been easily avoided.
So, please, if you are running sshd on port 22 and allowing password
authentication, please consider taking some steps to protect
yourself. It can very easily happen to you, and aside from the
damage it can cause to other hosts on the Internet it risks
significant downtime for your own services.
I wrote up some more info from previous discussions:
https://tools.bitfolk.com/wiki/Protecting_against_SSH_dictionary_attacks
If you have further input please do feel free to add to the above
wiki article.
Cheers,
Andy
--=20
http://bitfolk.com/ -- No-nonsense VPS hosting
--Y+Z5jE7Arku/2GrR
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEAREDAAYFAk+r64MACgkQIJm2TL8VSQvQowCfQf+N3AwbNF5aWVo/urv30j6S
41kAn0QsXu62y/qlfwJHgL2x7oicp3u4
=u8b5
-----END PGP SIGNATURE-----
--Y+Z5jE7Arku/2GrR--
--===============1618425340==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
announce mailing list
announce@???
https://lists.bitfolk.com/mailman/listinfo/announce
--===============1618425340==--
From js599@??? Thu May 10 16:51:04 2012
Received: from mansell.bath.ac.uk ([138.38.0.35])
by mail.bitfolk.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
(Exim 4.72) (envelope-from <js599@???>)
id 1SSWZz-0000LB-V7; Thu, 10 May 2012 16:51:04 +0000
Received: from authenticated user by mansell.bath.ac.uk with esmtpsa
(TLSv1:DHE-RSA-AES128-SHA:128) (Exim 4)
(envelope-from <js599@???>)
id 1SSWZj-0001LP-4X; Thu, 10 May 2012 17:50:47 +0100
Date: Thu, 10 May 2012 17:50:44 +0100
From: James Stanley <js599@???>
To: announce@???
Message-ID: <20120510175044.29f33d38@derek>
In-Reply-To: <20120510162331.GG12360@???>
References: <20120510162331.GG12360@???>
X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.10; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-kerberosV-authenticator: js599@???
X-BUCS: js599
X-Scanner: b4d0d5f3262da9d6f6e683e82146d55dd95ad2f2
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Thu,
10 May 2012 16:51:03 +0000
X-SA-Exim-Connect-IP: 138.38.0.35
X-SA-Exim-Mail-From: js599@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
spamd3.lon.bitfolk.com
X-Spam-Level:
X-Spam-ASN: AS786 138.38.0.0/16
X-Spam-Status: No, score=-2.3 required=5.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS,
T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY shortcircuit=no autolearn=disabled
version=3.3.1
X-Spam-Report: * -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at
http://www.dnswl.org/, * medium trust
* [138.38.0.35 listed in list.dnswl.org]
* -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
* domain * -0.0 SPF_PASS SPF: sender matches SPF record
* 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
lines
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
X-Mailman-Approved-At: Thu, 10 May 2012 17:15:52 +0000
Cc: users@???
Subject: Re: [bitfolk] A gentle reminder again about protecting against SSH
dictionary attacks
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://l
