[Spce-user] iptables issue
Jonathan Yue
jonathan.yue at turboitsolutions.com
Wed Apr 20 14:25:45 EDT 2016
Thanks George, that's very good advice, will do that right away. It's
funny, on my home router which runs OpenWRT, I actually disabled
password login and set up public key auth. i did that for fun when I
though of pki one day and didn't realize the importance of that.
------ Original Message ------
From: "George Mason" <george.mason at xoomtalk.com>
To: spce-user at lists.sipwise.com
Sent: 2016-04-20 10:22:42 AM
Subject: Re: [Spce-user] iptables issue
>Hi Jonathan
>
>I would strongly advise against *ever* using password based SSH
>authentication - even if using fail2ban I would not expose a server to
>the Internet without public key authentication enabled (and password
>authentication disabled).
>
>More info available here: https://macnugget.org/projects/publickeys/
>
>George Mason
>Technical Director
>
>Tel:
>Mob:
>Fax:
>Web:+44 (0)1273 900090
>+44 (0)7966 403353
>+44 (0)1273 900091
>http://www.xoomtalk.com/
>On 20/04/2016 18:00, Jonathan Yue wrote:
>>It's the ssh access that was hacked. I suddenly noticed an established
>>ssh connection from Asia. since I disabled root login in ssh right
>>after install, the hacker must somehow have got my login password. in
>>a haste, I reverted the VM to a previous snapshot, so I can't analyze
>>how hacking happened now.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160420/63f6bcc6/attachment-0001.html>
More information about the Spce-user
mailing list