stop these SSH hacker - Webdigity webmaster forums

7, September 2008	stop these SSH hacker - webmaster forum
	This forum shares its ad revenue with its members!
Navigation Webdigity Services Pagerank Monitor Whois Tool Web Design Gallery Webmaster Forums Webmaster Directory Tutorials Database Webmaster Forums WebDigity Community HumanWorks network new... Clickbank Contextual S... Forum Contests Forum Lounge New Member Introductions Tech News Google Forum User Forums aStatSpam forum Computers 3rd-Party Scripting The 100 Lists Website ... PixelThings Smart Publisher Forums Talk Design and Layout General webmaster disc... Graphics & Multimedia Adobe Photoshop Macromedia Flash & Act... Web Page Design HTML & XHTML CSS Accesibility issues Website & Graphic Revi... Web Development PhP PHP classes @finalwebs... Php User Class JavaScript Databases MySQL Security Miscellaneous Languages ASP & .NET Java & JSP Web hosting talk Hosting companies Domain names Configuring your server Apache web server Monetizing your site General Business CPC programs Adsense Chitika eMiniMalls CPM programs Affiliate programs & o... Web site promotion Promotion techniques Search Engine Optimiza... Google SEO Promoting & building a... SMF moding & promoting Marketplace Advertise your services Sell your site Sell a domain name Request services Hire people Link trading requests [ Home \| Help \| Search \| Forum's Shop \| Archive \| Login \| Register \| Webmaster Directory ]

Webdigity Webmaster Forums > Web hosting talk > Configuring your server
Topic: stop these SSH hacker

« previous next »

Pages: [1]

Author

Topic: stop these SSH hacker (Read 1006 times)

Global Moderator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 6309
38674 credits
Members referred : 374

It's time to use PHP5!

« on: Jun 12, 2007, 03:35:31 PM »

Hi,

currently I add IP addresses to the file "hosts.deny" if they try to intrude via SSH.

because I don't wanna check the auth.log so often I would like to use the file "hosts.allow".

just to know if I'm right, if I add this values to the file:

sshd : 123.456.789.0 : allow
sshd : 789.456.123.0 : allow

this way it's only possible to access sshd via this two IP addresses?

Please don't advice to use a software firewall, I want to learn that technique

Thanks

Website Monitoring Service

Free WordPress Themes

CMS Reviews and Resources

Last blog : Is your website is down? Know before your visitors do!

I am a metal monkey!
Administrator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 8037
41179 credits
Members referred : 3

« Reply #1 on: Jun 12, 2007, 08:22:29 PM »

I think that's correct. I am not sure if the syntax is right, but that's the purpose of the hosts.allow file.

Trial and Error my two best teachers Cool

Join us @ facebook

Last blog : MIA - Where Nick and Tim

Global Moderator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 6309
38674 credits
Members referred : 374

It's time to use PHP5!

« Reply #2 on: Jun 12, 2007, 08:31:06 PM »

just want to be sure that I don't block myself Smiley

(don't know if I have a serial connection)

Website Monitoring Service

Free WordPress Themes

CMS Reviews and Resources

Last blog : Is your website is down? Know before your visitors do!

I am a metal monkey!
Administrator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 8037
41179 credits
Members referred : 3

« Reply #3 on: Jun 12, 2007, 08:36:04 PM »

Then you can have an insane solution.

Create a php script that will reset the file (but you will need sudo to make this work) Smiley

I think I should invite my admin to visit the forums Smiley

Trial and Error my two best teachers Cool

Join us @ facebook

Last blog : MIA - Where Nick and Tim

Global Moderator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 6309
38674 credits
Members referred : 374

It's time to use PHP5!

« Reply #4 on: Jun 12, 2007, 09:05:58 PM »

Quote from: Nikolas on Jun 12, 2007, 08:36:04 PM

Then you can have an insane solution.

Create a php script that will reset the file (but you will need sudo to make this work) Smiley

I think I should invite my admin to visit the forums Smiley

yes the "Linux" forum becomes very active Wink

Website Monitoring Service

Free WordPress Themes

CMS Reviews and Resources

Last blog : Is your website is down? Know before your visitors do!

Global Moderator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 6309
38674 credits
Members referred : 374

It's time to use PHP5!

« Reply #5 on: Jun 12, 2007, 09:10:00 PM »

how about to start the first SSH session, take the changes (adding some IP address I'm not on, f.e. at home) and than open a second session, would that work?

Website Monitoring Service

Free WordPress Themes

CMS Reviews and Resources

Last blog : Is your website is down? Know before your visitors do!

I am a metal monkey!
Administrator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 8037
41179 credits
Members referred : 3

« Reply #6 on: Jun 12, 2007, 09:24:45 PM »

I don't know that Huh

Trial and Error my two best teachers Cool

Join us @ facebook

Last blog : MIA - Where Nick and Tim

Kill the googlebot

Posts: 6
40 credits
Members referred : 0

« Reply #7 on: Jul 16, 2007, 08:39:48 AM »

just use lfd or other brustforce blocking script...

Community Supporter ?
Hunky Junky Monky Man!

Gender:

Posts: 68
436 credits
Members referred : 0

Schwa?

« Reply #8 on: Jan 03, 2008, 03:13:42 AM »

You should always always always keep one session open while modifying your ssh. You should be able to make your change and restart the sshd (you might have to search for what the exact command is...) but since SSHD actually spawns child sshd's, you can restart it while still logged in (that is if its configured to do that... which it usually is, if I remember right). Then, try to make your second connection. If that fails, roll back. Smiley

Trackback URI for this entry : http://www.webdigity.com/trackback.php?topic=6792

Tags : sshd

Bookmark this thread : Digg Del.icio.us Dzone more....

Topic sponsors:
Get a permanent link here for $1.99!

Pages: [1]

Webdigity Webmaster Forums > Web hosting talk > Configuring your server
Topic: stop these SSH hacker

« previous next »

Jump to:

User Area
Welcome, Guest. Please login or register. Did you miss your activation email? Sep 07, 2008, 06:46:36 AM Login with username, password and session length

Donate to our community, and get a permanent link back to your site!

Forum Statistics
Total Posts: 36.301 Total Topics: 7.479 Total Members: 3.904 Tutorials : 56 Resources : 143 Designs : 220 Latest Member: Brandon 33 Guests, 2 Users online : Googlebot, Yahoo crawler 11 users online today: YMC, Brandon, estMate, kris_mcl, sportsgirl, Nikolas, Sara1981, Stephen_T, kebomix, bylla, designer

Recent topics
EstDomains, Inc: transfer p... Re: What are your favorite ... Re: What are you listening ... Hello everybody! Affordable web hosting serv... Re: Looking for new webhost... Re: Who do you host with?... How do I use SEO for my fla...

HumanWorks Network
Technology news Webmaster articles Sublime web directory RSS Feed directory and viewer

Readers

Web Design Gallery · Whois Lookup · Pagerank · Tag Browsing · Lo-fi version · Syndication · Webmaster forum history · Advertise
Developed by HumanWorks © 2005 - 2008 Webdigity webmaster community · sublime directory
Webdigity Webmaster Forums | Powered by SMF 1.0.12. © 2001-2005, Lewis Media. All Rights Reserved.

stop these SSH hacker - webmaster forum