*nix Security

From JasonAntmanWiki

Just a few notes on security on *nix systems.

SSH

While SSH is a relatively secure protocol, one of its weaknesses is brute-force (or dictionary) password attacks. While all of my passwords are strong, I don't like the idea of someone trying to log in to my system hundreds of times in a short period. DenyHosts is a Python script which runs as a daemon and prevents this type of attack. It continuously monitors failed SSH login attempts via syslog, discovers hosts which perform X failed logins in X seconds, and adds them to hosts.deny. It also supports whitelisting and blacklisting. Perhaps most interestingly, it has a group of over 6800 users who contribute their denied hosts to a central repository, which can then be sourced automatically by the daemon. This is a wonderful example of Global Blacklisting.
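The detection logic described above, sketched as an added example (this is not DenyHosts' own code). The log lines are constructed samples in the usual OpenSSH syslog format, and the threshold, window, year and function names are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines (documentation address ranges, not real log data).
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[411]: Failed password for root from 203.0.113.7 port 40022 ssh2
Mar  3 10:00:04 host sshd[412]: Failed password for invalid user admin from 203.0.113.7 port 40031 ssh2
Mar  3 10:00:09 host sshd[413]: Failed password for root from 203.0.113.7 port 40040 ssh2
Mar  3 10:00:10 host sshd[414]: Accepted password for alice from 198.51.100.5 port 51000 ssh2
Mar  3 10:01:00 host sshd[415]: Failed password for alice from 198.51.100.5 port 51010 ssh2
Mar  3 10:05:00 host sshd[416]: Failed password for alice from 198.51.100.5 port 51020 ssh2
Mar  3 10:09:00 host sshd[417]: Failed password for alice from 198.51.100.5 port 51030 ssh2
Mar  3 10:09:30 host sshd[418]: Failed password for root from 192.0.2.10 port 2200 ssh2
Mar  3 10:09:31 host sshd[419]: Failed password for root from 192.0.2.10 port 2201 ssh2
Mar  3 10:09:32 host sshd[420]: Failed password for root from 192.0.2.10 port 2202 ssh2
"""

FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port")

def find_offenders(log_text, max_failures=3, window_seconds=60,
                   whitelist=(), year=2009):
    """Return IPs with max_failures failed logins inside window_seconds."""
    recent = defaultdict(deque)  # ip -> failure timestamps still in the window
    denied = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        stamp, ip = m.groups()
        if ip in whitelist or ip in denied:
            continue  # never block whitelisted hosts; skip already-denied ones
        # Syslog timestamps carry no year, so one is assumed.
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > window_seconds:
            window.popleft()  # forget failures older than the window
        if len(window) >= max_failures:
            denied.append(ip)
    return denied

def hosts_deny_lines(ips):
    """Format offenders as TCP wrappers entries for hosts.deny."""
    return [f"sshd: {ip}" for ip in ips]

if __name__ == "__main__":
    print("\n".join(hosts_deny_lines(find_offenders(SAMPLE_LOG, whitelist={"192.0.2.10"}))))
```

The slow failures from 198.51.100.5 stay under the threshold because they never fall inside one window, which is why the window length matters as much as the failure count.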

Global Blacklisting

In the modern Internet age, many attackers set their sights on many different targets. One of the most obvious (and needed) solutions, therefore, is a way of distributing security blacklists between many different hosts. This can include lists of suspected attackers' IP addresses, spammers, and more. While many companies offer such services for a fee, it is obvious that the Internet needs a good, open-source solution to solve such problems.

Notice - this is a static HTML mirror of a previous MediaWiki installation. Pages are for historical reference only, and are greatly outdated (circa 2009).