[mythtv-users] ssh attack
k.m.fort at gmail.com
Thu Dec 29 23:58:53 EST 2005
Get DenyHosts it's a program that tracks log in attempts, if the
account/password is wrong a certain amount of times it will put it in
/etc/host.deny file and block them from attempting. It works great, just
don't forget your password with out a keyboard and monitor connected
directly to the box (before you set it up to ignore certain ip's/users) or
it'll be curtains for you!!
"Let ye without segmentation fault cast the first int!"
From: mythtv-users-bounces at mythtv.org
[mailto:mythtv-users-bounces at mythtv.org] On Behalf Of Chad
Sent: Thursday, December 29, 2005 8:55 PM
To: Discussion about mythtv
Subject: Re: [mythtv-users] ssh attack
On 12/29/05, Matt Harris <hdinfo at nc.rr.com> wrote:
> This of course won't happen behind a properly configured firewall,
> Darren Hart wrote:
> > I'm sure nobody here is dumb enough to do this, but since I was,
> > thought I'd pass the word.
> > There is an ssh attack going around with a brute force login using
> > 2187 different username/password pairs, one such pair happens to be:
> > mythtv:mythtv
MythTV shouldn't be on the external network anyway, IMHO. I grab my
listings on a seperate box that is directly connected, it also hosts
my mysql db for myth, but myth isn't directly connected (it's actually
completely blocked when I do a port scan, and I've got un-necessary
services shut off/uninstalled).
Security can't be a sometimes thing, otherwise you end up a 45 year
mythtv-users mailing list
mythtv-users at mythtv.org
More information about the mythtv-users