Archive for 15th May 2009

Testing out new blog system.

Well, hopefully this works out the way I expect it too.

I now have a few guni….. err voluteers ;)

We will see how it goes from here.

To the volunteers, post comments HERE :)

Thanks again.


Edit —– BUGS:

Fixed Import system.. edited php config file to allow ssl.

Fixed image path for logo on right. Wasn’t showing on article links.

Figured out the AVATAR thing :)

Sign up on … upload your avatar, based on your email ! :) Very cool.

enable gravatars in your SETTINGS > DISCUSSION at the bottom of your control panel.

My url was here:

Why you should change your ssh default port.

Wednesday, July 23, 2008
Why you should change your ssh default port.
Thought some of you might find this interesting. No one gets in, but it’s funny how just changing the port number on ssh will stop 99.99% of the stupid attacks (some random bot repeatedly attempting to gain access) . Several other things SHOULD be changed in the ssh config file also, not just the port number, but this one provides the most eye opening reasons to be secure.

Installed server on Jul 17th ….. less than 5 days later, well, you get the idea.
wtmp begins Thu Jul 17 21:57:08 2008

[root@VistaCrusher1 ~]# lastb | wc -l

For the less command line oriented peeps, that means I had 25,349 attempts to breach my machine via the ssh login. Bad logins recorded, along with IP’s and other cool stuff.
Needless to say, I’ll go change that shortly, along with several other security precautions. I just wanted to see how many hits I’d get in 5 days. That, and I wanted to see who came back.

Imagine that…..

[root@VistaCrusher1 ~]# lastb | grep
clamav ssh:notty Mon Jul 21 16:40 – 16:40 (00:00)
clamav ssh:notty Mon Jul 21 16:39 – 16:39 (00:00)

Someone is STILL trying.

Here is a list of WHO tried.

[root@VistaCrusher1 ~]# lastb | awk ‘{print $3}’ | sort –unique
[root@VistaCrusher1 ~]#

As someone mentioned to me on the Archlinux forums, iptables can be used to help prevent this as well.

# Don’t limit SSH from known addreses
iptables -A forwarding_wan -p tcp –dport 22 -s -j ACCEPT

# SSH rate limiting from unknown IP addresses
# Allow 2 chances in 10 minutes to connect, reject after that
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –set
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –update –seconds 600 –hitcount 3 -j DROP

Attempting to setup blog system

Welcome to Arch User Blogs. I have been attempting to setup a multi-user blogging system for Arch Users, this is test 1 ;)