Add new comment

Couple more quick fixes
Submitted by Anonymous (not registered) on Mon, 2006-04-24 20:57.

1. AllowGroup - in sshd_config will allow only users in specific groups. Our servers have alot more users than just those who need ssh access.

2. A little ugly perl script which will email a netblock admin where the attack came from ONCE PER ATTEMPT that a host on their network has been compromised:
http://www.neuropunks.org/~max/parse_ssh.pl

This is really only usefull on FreeBSD machines which email root a security summary for the day. In our case, it is called from procmail to parse that message.

Heres a recipe:

:0c
* ^Subject:.*security*
| /root/system/bin/parse_ssh.pl

Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.

Reply

*
*
The content of this field is kept private and will not be shown publicly.


*

  • Images can be added to this post.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <div>
  • Lines and paragraphs break automatically.
More information about formatting options