TCLUG Archive

Re: [TCLUG:3567] More Security Questions...



I am new to Linux security and have done some of the same things you're talking
about; disabling the majority of the services that are handled by inetd... At
the recommendation of someone from this list I also checked out the tools at
psionic.com. Sentry, one of those tools, detects various port scans and if
configured properly will immediately cease service to the offender. It uses the
tcp wrappers to deny future access to offenders. There's also a logging tool
that'll e-mail reports of attacks to the specified account so it's convenient
to stay on top of these activities.

SSH is my next project so I may be asking you about that. Good Luck!

ron parker

Scott K. Johnson wrote:

> Hello all,
>
> I've been working to secure my system before my DSL line gets turned on, and
> have really appreciated all the help everyone has given me!  As usual, I've
> got more questions...
>
> I've turned off almost everything that is being started out of inetd.
>
> When you guys say you block other ports, do you simply comment out the
> corresponding entry in /etc/services?  Or is there more to it than that?
>
> From what I understand (no smart remarks...8p), tcp wrappers are used with
> services like ftp, telnet, etc.  Can they be used with ssh?  How does that
> relationship work?
>
> In testing ssh, I noticed that there is no log entry (/var/adm/messages)
> when I connect, but there is one when I disconnect.  But, even the
> disconnect message doesn't tell me much - " sshd[222]: Remote host
> disconnected: Connection closed."
>
> Can I get ssh to log a "start of service" type of entry, and tell me
> who/what/where, etc. is using it?
>
> Thanks again for your help!!
>
> Scott K. Johnson
> skj@visi.com
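
Added example, not part of the original message and not Sentry's own code: a sketch of the detect-then-deny idea mentioned in the reply, flagging a source that touches several distinct ports within a short window and producing TCP wrappers deny entries for it. The event tuples, the thresholds and the never_block parameter are assumptions made for this illustration.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample data: (unix_time, source_ip, destination_port)
SAMPLE_EVENTS = [
    (1000, "192.0.2.10", 21), (1001, "192.0.2.10", 23), (1002, "192.0.2.10", 79),
    (1003, "192.0.2.10", 111), (1004, "192.0.2.10", 143),      # fast sweep
    (1000, "198.51.100.7", 22), (1300, "198.51.100.7", 22),    # one port, repeated
    (1000, "203.0.113.5", 21), (1900, "203.0.113.5", 23),
    (2800, "203.0.113.5", 79),                                 # too slow and too few
    (1005, "10.0.0.1", 21), (1006, "10.0.0.1", 23),
    (1007, "10.0.0.1", 79), (1008, "10.0.0.1", 111),           # trusted local host
]

def detect_scanners(events, threshold=4, window=60, never_block=()):
    """Return sources that hit >= threshold distinct ports within window seconds.

    never_block (hypothetical parameter) lists addresses that must never be
    denied, so a spoofed or misbehaving trusted host cannot lock you out.
    """
    keep = {ip_address(a) for a in never_block}
    by_src = defaultdict(list)
    for ts, src, port in events:
        by_src[src].append((ts, port))
    offenders = []
    for src, hits in by_src.items():
        if ip_address(src) in keep:
            continue
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window forward until it spans at most `window` seconds.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            if len({p for _, p in hits[start:end + 1]}) >= threshold:
                offenders.append(src)
                break
    return sorted(offenders, key=ip_address)

def hosts_deny_lines(offenders):
    """Format offenders as TCP wrappers entries (daemon_list : client_list)."""
    return [f"ALL: {ip}" for ip in offenders]

if __name__ == "__main__":
    found = detect_scanners(SAMPLE_EVENTS, never_block=("10.0.0.1",))
    print("\n".join(hosts_deny_lines(found)))
```

Entries in this form only affect services that consult TCP wrappers, either through tcpd in inetd.conf or because the daemon was built with wrapper support.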