[121886] in North American Network Operators' Group
Re: SSH brute force China and Linux: best practices
daemon@ATHENA.MIT.EDU (John Mason Jr)
Sat Jan 30 13:04:38 2010
Date: Sat, 30 Jan 2010 13:03:39 -0500
From: John Mason Jr <john.mason.jr@cox.net>
To: nanog@nanog.org
In-Reply-To: <c3de0a331001292047u33e175edy30bce313a4c22105@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 1/29/2010 11:47 PM, Bobby Mac wrote:
> Hola Nanog:
>
> So after many years of a hiatus from Linux, I recently dropped XP in favour
> of Fedora. Now that my happy windows blinders are off, I see alarming
> things. Ugly ssh brute force, DNS server IP spoofing with scans and typical
> script kiddie tactics.
>
> What are the new set of best practices for those running a NIX home
> computer. Yes I have a firewall and I do peruse my logs on a regular
> basis.
>
> BTW: ever drop a malformed URL to alert an admin to some thing that sucks?
> w3.hp.com/execs/makes/too/much/money or
> www.yourbuddiesdomain.com/it/is/all/rfc/space/use/1918/when/referring/to/non/routable
>
> Thanks,
> BobbyMac
>
>
Might want t to look at Micheal Rash's site
http://cipherdyne.org/LinuxFirewalls/ to get some ideas
John
