[OpenIndiana-discuss] denyhosts IPS package?

Gregory Youngblood gregory at youngblood.me
Wed Jan 15 15:37:26 UTC 2014


True. I use a multi-layered approach, of which my suggestions are but a couple. 

A wiki page on hardening OI for public facing installs would be a good idea. Seems like I recall seeing something like that a while bac;; not sure if that was OI or Solaris/OpenSolaris though.

Greg

Sent from my HTC One on the Verizon Wireless 4G LTE network

----- Reply message -----
From: "Stefan Müller-Wilken" <stefan.mueller-wilken at acando.de>
To: "Discussion list for OpenIndiana" <openindiana-discuss at openindiana.org>
Subject: [OpenIndiana-discuss] denyhosts IPS package?
Date: Wed, Jan 15, 2014 7:58 AM

Hi Gregory,

Thanks for the input! Intrusion prevention can never be done in a one-size-fits-all approach so anything will help. :-) Maybe we should set up a OpenIndiana wiki topic on setting up Internet facing boxes to collect all possible measures.

Cheers
Stefan

________________________________________
Von: Gregory Youngblood [gregory at youngblood.me]
Gesendet: Mittwoch, 15. Januar 2014 15:49
An: Discussion list for OpenIndiana
Betreff: Re: [OpenIndiana-discuss] denyhosts IPS package?

Do you require password authentication or can you require only key access?

Disabling password authentication prevents the dictionary and other brute force password attempts.

You might also consider setting up a couple of jump boxes and then use ipfilter or external firewall to only allow ssh traffic from those jump boxes. If you go this route remember to use proxycommand to relay the connection and not to store any keys on the jump box.

Greg




Sent from my HTC One on the Verizon Wireless 4G LTE network

----- Reply message -----
From: "Stefan Müller-Wilken" <stefan.mueller-wilken at acando.de>
To: "openindiana-discuss at openindiana.org" <openindiana-discuss at openindiana.org>
Subject: [OpenIndiana-discuss] denyhosts IPS package?
Date: Wed, Jan 15, 2014 5:54 AM

Hi there,

is there a denyhosts package available? I'd like to more effectively ban dictionary attackers from my systems and looking at https://www.illumos.org/issues/228#note-8 a package was at least in discussion.

@Ken: can you comment on this?

Cheers
Stefan.

________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss

________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022

_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss


More information about the OpenIndiana-discuss mailing list