Message Board -  Archive

[ Login ] [ Create Account ]
[ Board List ] [ View Board ] [ Post Reply ]
  Author  Subject: Re: looking for things to check for ssh(d)...
Archive  

Posted on 01-27-2003 10:04 a.m. ET  reply

Original Poster: W.B.

>>look in /etc/sysconfig/ipchains

and delete this file if it exists! ipchains is a HUGE security flaw.

First check that ssh is in /etc/services, if not, add it. (This is not
always necessary, but for security purposes services should always be
documented).

Next, verify with netstat -a | grep ssh that your sshd is listening. Now
check things such as /etc/hosts.* to see if TCPWrappers is filtering you. If
this doesn't work, delete /etc/sysconfig/ipchains, and give the machine some
stateful iptables rules. Follow this with service iptables save.

Now you should be able to get into the box, but others will not.

< Previous 1 Next >

Site Contents