1. w00t :: How is going people's

Damn, it's been a very long time (for some not long enough..lol)

Glad to be back!

_____________________________________________________________________________

My first order of business is to reply to Chris Burch and his sushistomper
(ssh brute-force attack software) pretty cool stuff but there is a much 
easier way I think..prove me wrong plz

_____________________________________________________________________________

1) add your ssh public key to root's .ssh/authorized_keys
   (personally I wouldn't create certs in my personal user dir, only root)

2) if the +i (immutable bits) are set on etc/passwd, group, gshadow, shadow
   -i those.

3) dd if=/dev/urandom count=10 bs=1024k | sha1sum | passwd --stdin root

4) vi /etc/ssh/sshd_config, change the port.

5) /etc/init.d/sshd reload && /etc/init.d/sshd restart

6) don't forget your firewall!
 
done-done & then some! hah!

_____________________________________________________________________________

SELinux for the *nix fans:

xx/euphoria/bin/exu application attempted to change the access protection of 
memory on the heap (e.g., allocated using malloc). This is a potential 
security problem.

mmap should be used instead...I'm working on a cure!

_____________________________________________________________________________

Glad to be back folks! 

btw, anyone working on a *nix myspace interface? like WWW::myspace on cpan

IM BACK!!!

Regards, 
(the original) Euman


2. Re: w00t :: How is going people's

Welcome back!! I searched the archive and found your last post:
2006 Nov 22 1:47. Almost a year!

Glad to have you back. :)


3. Re: w00t :: How is going people's

c.k.lester wrote:
> 
> Welcome back!! I searched the archive and found your last post:
> 2006 Nov 22 1:47. Almost a year!
> 
> Glad to have you back. :)


Thanks a lot CK! 
I see you've been very busy w/ eu cgi looks great man!

glad to be back, maybe I'll get my hands dirty with eu again..


4. Re: w00t :: How is going people's

Euman wrote:
> 
> Damn, it's been a very long time (for some not long enough..lol)
> 
> Glad to be back!
> 
> _____________________________________________________________________________
> 
> My first order of business is to reply to Chris Burch and his sushistomper
> (ssh brute-force attack software) pretty cool stuff but there is a much 
> easier way I think..prove me wrong plz
> 
> _____________________________________________________________________________
> 
> 1) add your ssh public key to root's .ssh/authorized_keys
>    (personally I wouldn't create certs in my personal user dir, only root)
> 
> 2) if the +i (immutable bits) are set on etc/passwd, group, gshadow, shadow
>    -i those.
> 
> 3) dd if=/dev/urandom count=10 bs=1024k | sha1sum | passwd --stdin root
> 
> 4) vi /etc/ssh/sshd_config, change the port.
> 
> 5) /etc/init.d/sshd reload && /etc/init.d/sshd restart
> 
> 6) don't forget your firewall!
>  
> done-done & then some! hah!
> 
> _____________________________________________________________________________
> 
> SELinux for the *nix fans:
> 
> xx/euphoria/bin/exu application attempted to change the access protection of
> memory on the heap (e.g., allocated using malloc). This is a potential 
> security problem.
> 
> mmap should be used instead...I'm working on a cure!
> 
> _____________________________________________________________________________
> 
> Glad to be back folks! 
> 
> btw, anyone working on a *nix myspace interface? like WWW::myspace on cpan
> 
> IM BACK!!!
> 
> Regards, 
> (the original) Euman

Hi

Nice to see you back.

I would refer you to the following site

http://tdot.blog-city.com/securing_ssh_with_denyhosts.htm

While your method no doubt makes sshd more secure, I don't believe it actually 
drops and stops incoming connections from the rogue ip address, whereas
adding an entry to hosts.deny actually does. Or at least if your method does,
I can't see how. This will actually decrease the network and cpu load.

The firewall is all well and good, and automatically monitoring
/var/log/messages for repeated sshd attempts, then adding rules to chains
to iptables was a route I had considered, but this method is a lot simpler.

I couldn't get denyhosts and blockhosts to work without doing a lot of
hacking (for various reasons I gave up), so I just thought I'd take the
ideas, and rewrite them in Euphoria, which was a couple of days' work.

It's also really simple to install!

Of course in Linux there are many ways to accomplish the same goals, so
whatever works for you........

Cheers

Chris
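
The approach described in the post above (watch the log for repeated failed sshd logins, then add the source address to hosts.deny), sketched in Python as an added example that is not part of the thread and is not Chris's Euphoria program. The log lines are constructed, the function names, threshold and allow-list are assumptions, and it assumes sshd honours hosts.deny as the post does.

```python
import re
from collections import Counter

# Constructed sample log (documentation-range addresses), in OpenSSH's syslog format.
SAMPLE_LOG = """\
Nov 20 03:14:01 host sshd[2101]: Failed password for root from 203.0.113.7 port 41022 ssh2
Nov 20 03:14:03 host sshd[2101]: Failed password for root from 203.0.113.7 port 41022 ssh2
Nov 20 03:14:06 host sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 41030 ssh2
Nov 20 03:15:10 host sshd[2110]: Failed password for invalid user test from 198.51.100.23 port 50211 ssh2
Nov 20 03:16:42 host sshd[2120]: Accepted publickey for root from 192.0.2.10 port 50900 ssh2
Nov 20 03:17:00 host sshd[2125]: Failed password for root from 192.0.2.10 port 50950 ssh2
Nov 20 03:17:02 host sshd[2125]: Failed password for root from 192.0.2.10 port 50950 ssh2
Nov 20 03:17:05 host sshd[2125]: Failed password for root from 192.0.2.10 port 50950 ssh2
Nov 20 03:18:00 host cron[300]: Failed password for root from 203.0.113.99 port 1 ssh2
Nov 20 03:19:00 host sshd[2130]: Failed password for invalid user x from 192.0.2.10 port 1 ssh2 from 203.0.113.7 port 41040 ssh2
"""

# The user name is text chosen by the remote side, so the pattern is anchored at
# both ends: the syslog prefix must name sshd, and the greedy ".*" leaves only the
# final "from <ip> port <n> ssh2" (the part sshd itself writes) to be captured.
FAILED = re.compile(
    r"^[A-Z][a-z]{2} +\d+ [\d:]{8} \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?.* "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def count_failures(log_text):
    """Return a Counter of failed sshd password attempts per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def hosts_deny_entries(log_text, threshold=3, allow=(), existing=()):
    """Build hosts.deny lines for addresses at or over the failure threshold."""
    entries = []
    for ip, n in sorted(count_failures(log_text).items()):
        line = f"sshd: {ip}"
        # Skip allow-listed hosts (e.g. your own admin box) and lines already present.
        if n >= threshold and ip not in allow and line not in existing:
            entries.append(line)
    return entries

if __name__ == "__main__":
    print("\n".join(hosts_deny_entries(SAMPLE_LOG, allow={"192.0.2.10"})))
```

The allow-list matters here: 192.0.2.10 has three failed password attempts in the sample even though it also logs in by key, so without it that address would be blocked too.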
