Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
It's primitive but you can also just test from the command line by running tcpd with sshd as its argument. That'll quickly tell you if you have it compiled correctly or not.
Also, how specific is your hosts.allow? Is it ALL for your IP address or is it split up by service? If it's ALL, your sshd probably doesn't support tcp wrappers. If you're splitting by service, there might be an issue in the file.
Another thing you can try is to use lsof (or a similar program) to determine where sshd is running from. It's a long-shot, but if you have more than one sshd on your system it could be that the wrong one is being protected.
No offense meant, just trying to cover all the angles I can see from scanning over the post.
alright, ty for your suggestions. Unfortunately, my server is only accessible remotely, and more unfortunately, I'm the only linux admin that I can afford.
I suspect that dropbear may not support tcp wrappers. But I'm not certain. Anyway, I installed openssh and made it listen to a strange port number. Hopefully, that will keep the hackers guessing until tomorrow. I'll try to figure out firewalls and tcp wrappers ... or die(mysql_pun_intended) trying.
Have you looked into the links I gave you here? http://www.linuxquestions.org/questi...0/#post3188110
I did not realize that dropbear does not have a config-file - the options are given when it is started (like on the command-line) - usually it is started from /etc/init.d/...
will tell you more.
You could surely install openssh and replace dropbear by it - but most of it should work just as well.
Was all that not working or not enough? Or just problems configuring dropbear.
Portknocking is another step to make it more difficult for someone to attack or DOS you.
Thanks alot guys, this really helped. I'm no longer getting any spam login attempts. What's more, after I secured sshd, my shell command seemed to work faster too (before this, it took a fraction of a second for anything I type to get through to the terminal. Now it's instantaneous). Cheers!