Ezilon.com - Target Your Audience, be Seen in Your Region
HomeBuilding Your WebsiteServer Management

lastb

teammatt3 posted this at 04:26—19th July 2007.

teammatt3's picture
Moderator

He has: 1,809 posts

Joined: Sep 2003

test     ssh:notty    122x214x29x173.a Wed Jul 18 04:08 - 04:08  (00:00)'

I run lastb | less everyday and I get some weird stuff. Isn't that third item supposed to be an IP? What is that thing?

Someone's been trying to get into the server since I bought it, and I finally decided to just go all:all in /etc/hosts.deny (with my IPs in hosts.allow) instead of just entering them in manually. Is that good enough protection? Or do I need to be on top of other things too?

Thanks

My Site | Regular Expression Tester

pr0gr4mm3r posted this at 04:55—19th July 2007.

Sponsor

He has: 470 posts

Joined: Sep 2006

Well, your method works until your IP changes. You should enable RSA Authentication and disable passwords completely. This eliminates brute forces and risks of outside intruders.

This site explains how to set it up -> http://kmself.home.netcom.com/Linux/FAQs/sshrsakey.html. You will have to do some configing on the server and all the clients you want to connect to the server.