(No, not retinal scans :)
After upgrading the home server today, I was looking through the logs, and noticed several simultaneous username/password guessing scripts probing the machine, connecting via SSH. Fortunately the machine that actually serves incoming SSH connections is a virtual machine, locked down with few packages installed and (relatively) good passwords. I still feel dirty, though.
I’m going to have to install a good portknocking package, I think. In the meantime, I’ve locked down the home server to only accept incoming SSH from a small number of machines. I should have done this long ago (both persephone and penelope already have this), but custom firewall rules with DD-WRT are hard, and so I punted.
This also means I’m probably going to have to replace my crappy Linksys running DD-WRT with a full-blown Linux box so that I can create a proper firewall. I really wonder sometimes if this whole “Internet” thing is worth the trouble.
No comments yet.
Sorry, the comment form is closed at this time.