After a hacking I have attempted to secure SSH and limit it to specific IPs. I have followed the instructions here:
http://centoshelp.org/security/securing-sshd/
I have added sshd: ALL to hosts.deny and I have added sshd: xxx.xxx.xxx.xxx to hosts.allow and then restarted sshd. Staying logged in as instructed I switched to a wireless card and was still able to login.
I am using v5.4 and openssh is current. This is a virtual server inside of Virtuozzo.
Any suggestions would be appreciated.
Unable to secure SSH
Re: Unable to secure SSH
There is a contradiction here: your openssh cannot possibly be current if you are using 5.4. CentOS 5.4 was released in November 2009 and 5.5 was released in March 2010 at which point 5.4 became an unsupported deprecated release which received no more updates. If you are really running 5.4 then you are 5 years out of date. The current CentOS 5 is 5.11.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: Unable to secure SSH
1. You are not running CentOS.
2.You can't secure a virtuozzo system, because you have no control over the kernel.
3. You cannot secure a system once it has been hacked.
You need to a fresh install of a new real CentOS server,
2.You can't secure a virtuozzo system, because you have no control over the kernel.
3. You cannot secure a system once it has been hacked.
You need to a fresh install of a new real CentOS server,
-
- Posts: 16
- Joined: 2012/03/25 09:36:51
Re: Unable to secure SSH
Good information but yes, I am running Centos.
Any suggestions on why blocking SSH isn't working? Telling me that I am not running Centos or that it is actually more out dated than thought does not answer the question.
Any suggestions on why blocking SSH isn't working? Telling me that I am not running Centos or that it is actually more out dated than thought does not answer the question.
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: Unable to secure SSH
No, you are NOT running CentOS. You are running a non CentOS kernel which you cannot update.
Since you have been hacked, your problem cannot be resolved.
Install from scratch a real, up-to-date CentOS.
Since you have been hacked, your problem cannot be resolved.
Install from scratch a real, up-to-date CentOS.