I would like to thank all of my readers who have supported my blog until now; I couldn’t have done it without your continuous support.
Secure Shell, or SSH, is a service that lets users access remote systems securely. However, SSH servers that depend on password-based authentication may be vulnerable to dictionary-based (brute-force) attacks by crackers.
Luckily iptables can be used with the ‘--limit-burst’ and ‘--limit’ options to reduce the number of connection attempts that a cracking tool can make in a given period of time.
For example, in order to limit an IP address to making only 5 connections per minute in a burst of 2 connections, you can use these iptables rules:
iptables -A INPUT -p tcp --dport ssh --syn -m limit --limit 5/minute --limit-burst 2 -j ACCEPT
# new connections beyond the limit fall through to this rule and are dropped
iptables -A INPUT -p tcp --dport ssh --syn -j DROP
This results in iptables allowing only up to 5 connections per minute, with at most 2 initial connections, which makes any brute-force or dictionary-based attack uneconomical or unfeasible against the server.
Read more about iptables --limit and --limit-burst in “Linux Iptables Limit the number of incoming tcp connection / syn-flood attacks”.
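To see what ‘--limit 5/minute --limit-burst 2’ actually does, here is an added Python simulation (not from the original post) of the limit match as a token bucket: the bucket starts with ‘burst’ tokens, refills at the configured rate, and a packet matches only while a token is available. The kernel implements this with a credit counter rather than floating-point tokens, so the model is an approximation, and the arrival times and source addresses below are constructed. Two caveats the rule in the post needs: the limit match keeps one bucket per rule, not per source address (the simulation shows one noisy client starving a legitimate one; per-source limiting is what the hashlimit or recent matches are for), and it only throttles what it matches, so the ACCEPT rule should be restricted to new connections (--syn or conntrack NEW) and followed by a DROP for the excess, otherwise every packet of an established session also consumes tokens.

```python
# Rules being modelled (assumed companion pair for the rule in the post):
#   iptables -A INPUT -p tcp --dport ssh --syn -m limit --limit 5/minute --limit-burst 2 -j ACCEPT
#   iptables -A INPUT -p tcp --dport ssh --syn -j DROP


class LimitMatch:
    """Token-bucket approximation of the iptables 'limit' match.
    rate_per_minute corresponds to --limit N/minute, burst to --limit-burst."""

    def __init__(self, rate_per_minute, burst):
        self.rate_per_minute = float(rate_per_minute)
        self.burst = float(burst)
        self.tokens = self.burst  # the bucket starts full
        self.last_seen = 0.0

    def matches(self, now):
        """Return True (rule matches, packet ACCEPTed) if a token is available at time `now`."""
        elapsed = max(0.0, now - self.last_seen)
        # refill proportional to elapsed time, never above the burst size
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate_per_minute / 60.0)
        self.last_seen = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def simulate(arrivals, rate_per_minute=5, burst=2):
    """Run SYN arrivals (time_in_seconds, source_ip) through ACCEPT-with-limit, then DROP.
    Returns a list of (time, source, verdict). One bucket is shared by all sources,
    which is how 'limit' behaves: it is a per-rule limiter, not a per-source one."""
    bucket = LimitMatch(rate_per_minute, burst)
    return [(t, src, "ACCEPT" if bucket.matches(t) else "DROP") for t, src in sorted(arrivals)]


def verdicts_for(results, source):
    """Verdicts seen by one source address, in arrival order."""
    return [v for _, s, v in results if s == source]


# Constructed scenario: a noisy client hammers port 22 while a legitimate
# admin connects once at t=1s and again at t=40s.
SAMPLE_ARRIVALS = [
    (0, "203.0.113.9"), (0, "203.0.113.9"), (1, "198.51.100.4"), (15, "203.0.113.9"),
    (16, "203.0.113.9"), (40, "198.51.100.4"), (70, "203.0.113.9"), (70, "203.0.113.9"),
    (71, "203.0.113.9"),
]

if __name__ == "__main__":
    for t, src, verdict in simulate(SAMPLE_ARRIVALS):
        print(f"t={t:>3}s {src:<14} {verdict}")
```

The admin's first attempt at t=1 is dropped because the attacker has already drained the shared bucket; only at t=40, after enough refill time, does it get through. That is the trade-off of a global limit: it caps the attacker's rate, but legitimate users share the same budget.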
Here’s a tip to restrict normal user accounts so that common users cannot explore directories beyond their own /home directory.
The tip has been adapted from superuser.com.
Good news: now we can put Ubuntu Server installations on the world map!
How? Go to maps.ubuntu.com and choose one of the options.
Then you can view the locations of Ubuntu servers around the world, marked by the ubiquitous Ubuntu logo!
I kept getting the “ssh_exchange_identification: Connection closed by remote host” error after I managed to finalize my CRUX Linux on my decTOP box today. After enough looking into documentation, I finally found out that I need to edit the “/etc/hosts.allow” file to allow SSH connections, for example:
or, for a more conservative setting:
I can connect to my box via ssh normally after that.
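What those files mean: an sshd built with tcp_wrappers support (many current OpenSSH builds no longer are) consults /etc/hosts.allow and then /etc/hosts.deny in that order; the first matching entry wins, and access is granted if neither file matches. A connection closed at the identification stage is exactly what a deny-by-default hosts.deny produces. The Python below is an added illustration, not from the original post: a simplified evaluator for that decision, run over two constructed hosts.allow files (a permissive ‘sshd: ALL’ and a conservative LAN-only entry) and a constructed ‘ALL: ALL’ hosts.deny. It implements the ALL wildcard, exact addresses, trailing-dot network prefixes and net/mask or CIDR forms, and leaves out hostname patterns, EXCEPT and the shell-command field.

```python
import ipaddress

# Constructed sample files (not copied from any real system).
HOSTS_ALLOW_PERMISSIVE = "sshd: ALL\n"
HOSTS_ALLOW_CONSERVATIVE = """\
# only the office LAN and the VPN range may reach sshd
sshd: 192.168.1. \\
      10.8.0.0/255.255.0.0
"""
HOSTS_DENY = "ALL: ALL   # refuse everything not explicitly allowed\n"


def parse_access_file(text):
    """Parse hosts_access(5)-style lines into (daemon_list, client_list) tuples.
    Handles comments, blank lines and backslash continuation; the optional third
    ':' field (shell commands) is ignored. EXCEPT and hostname patterns are not supported."""
    rules = []
    for raw in text.replace("\\\n", " ").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue  # malformed line; real tcpd logs and skips it as well
        rules.append((fields[0].split(), fields[1].split()))
    return rules


def client_matches(pattern, addr):
    """Subset of client patterns: ALL, an exact IPv4 address, a trailing-dot
    prefix such as '192.168.1.', and 'net/mask' with a dotted mask or CIDR length."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):
        return addr.startswith(pattern)
    if "/" in pattern:
        try:
            return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
    return pattern == addr


def rule_matches(rule, daemon, addr):
    daemons, clients = rule
    return ("ALL" in daemons or daemon in daemons) and any(client_matches(p, addr) for p in clients)


def access_decision(hosts_allow, hosts_deny, daemon, addr):
    """hosts_access(5) order: the first match in hosts.allow grants, otherwise the
    first match in hosts.deny refuses, otherwise access is granted."""
    if any(rule_matches(r, daemon, addr) for r in parse_access_file(hosts_allow)):
        return "allow"
    if any(rule_matches(r, daemon, addr) for r in parse_access_file(hosts_deny)):
        return "deny"
    return "allow"


if __name__ == "__main__":
    for client in ("192.168.1.20", "10.8.3.7", "203.0.113.5"):
        print(client,
              "permissive:", access_decision(HOSTS_ALLOW_PERMISSIVE, HOSTS_DENY, "sshd", client),
              "conservative:", access_decision(HOSTS_ALLOW_CONSERVATIVE, HOSTS_DENY, "sshd", client))
```

Note the last branch of access_decision: with an empty hosts.deny, every client is allowed, which is why a missing hosts.allow entry only locks you out when hosts.deny is restrictive.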
Although it is a security risk, it is possible to make OpenSSH listen on multiple ports.
To do that, you need to edit the /etc/ssh/sshd_config file and enable the “GatewayPorts” option:
AllowTcpForwarding no
GatewayPorts yes
X11Forwarding no
#X11DisplayOffset 10
Look for the line that contains “Port 22”, uncomment it if necessary, and add additional Port lines to make OpenSSH listen on other ports, like this:
Port 22
Port 80
Port 1025
This example makes OpenSSH listen on ports 22, 80 and 1025 simultaneously. Don’t forget to restart the SSH service to apply the change by running:
sudo /etc/init.d/sshd restart
Warning: running SSH on multiple ports may be a security risk, you have been warned!
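As an added example that is not part of the original post, the Python below reads an sshd_config the way sshd does for the directives involved: keywords are case-insensitive, Port may be repeated and accumulates (which is what makes the multi-listener setup work), the first value of any other keyword wins, and everything after a Match line is conditional and skipped here. Run over the snippet from this post (embedded as a constructed string, with a constructed Match block appended), it lists the three listeners and flags two things a reviewer would raise: port 80 is the conventional HTTP port, so sshd there collides with or is mistaken for a web server, and GatewayPorts is not what enables extra ports; it controls whether remote-forwarded ports bind to non-loopback addresses, and with AllowTcpForwarding no it has no effect at all. Only the “Keyword value” spelling is parsed, not “Keyword=value”.

```python
# Constructed copy of the configuration fragment discussed above, plus a Match block.
SAMPLE_SSHD_CONFIG = """\
# listeners
Port 22
Port 80
Port 1025
AllowTcpForwarding no
GatewayPorts yes
X11Forwarding no
#X11DisplayOffset 10
Match User backup
    AllowTcpForwarding yes
"""

# Ports whose conventional service an SSH listener would collide with (constructed, not exhaustive).
WELL_KNOWN_PORTS = {25: "smtp", 53: "dns", 80: "http", 443: "https"}


def parse_sshd_config(text):
    """Minimal sshd_config reader. Keywords are case-insensitive; 'Port' accumulates,
    other keywords keep their first value; parsing stops at the first 'Match' block.
    Returns {'ports': [...], 'settings': {keyword_lowercase: value}}."""
    ports, settings = [], {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue  # keyword without a value; sshd itself would reject the file
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break  # settings below are conditional on the Match criteria
        if key == "port":
            ports.append(int(value))
        else:
            settings.setdefault(key, value)
    return {"ports": ports or [22], "settings": settings}  # 22 is sshd's default


def audit_listeners(text):
    """Return (ports, findings): the listening ports and review remarks for the config."""
    cfg = parse_sshd_config(text)
    settings = cfg["settings"]
    findings = []
    for port in cfg["ports"]:
        if port in WELL_KNOWN_PORTS:
            findings.append(f"port {port} is the conventional {WELL_KNOWN_PORTS[port]} port; "
                            "sshd there collides with or impersonates that service")
    gateway = settings.get("gatewayports", "no").lower()
    forwarding = settings.get("allowtcpforwarding", "yes").lower()
    if gateway != "no" and forwarding in ("no", "local"):
        findings.append("GatewayPorts is set but remote forwarding is disabled by AllowTcpForwarding, "
                        "so it has no effect (and it never controls which ports sshd listens on)")
    elif gateway == "yes":
        findings.append("GatewayPorts yes lets remote-forwarded ports bind on all interfaces, "
                        "exposing them beyond localhost")
    return cfg["ports"], findings


if __name__ == "__main__":
    ports, findings = audit_listeners(SAMPLE_SSHD_CONFIG)
    print("sshd listens on:", ", ".join(map(str, ports)))
    for finding in findings:
        print("-", finding)
```

If the goal is just a second port for clients behind a restrictive egress filter, the Port lines alone are sufficient; GatewayPorts can stay at its default of no.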