HomeBuilding Your WebsiteServer Management

lastb

teammatt3 posted this at 04:26 — 19th July 2007.

teammatt3's picture

He has: 2,102 posts

Joined: Sep 2003

test     ssh:notty    122x214x29x173.a Wed Jul 18 04:08 - 04:08  (00:00)'

I run lastb | less everyday and I get some weird stuff. Isn't that third item supposed to be an IP? What is that thing?

Someone's been trying to get into the server since I bought it, and I finally decided to just go all:all in /etc/hosts.deny (with my IPs in hosts.allow) instead of just entering them in manually. Is that good enough protection? Or do I need to be on top of other things too?

Thanks

pr0gr4mm3r posted this at 04:55 — 19th July 2007.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

Well, your method works until your IP changes. You should enable RSA Authentication and disable passwords completely. This eliminates brute forces and risks of outside intruders.

This site explains how to set it up -> http://kmself.home.netcom.com/Linux/FAQs/sshrsakey.html. You will have to do some configing on the server and all the clients you want to connect to the server.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.