[mythtv-users] Securing mythweb
kevin at familyross.net
Tue Feb 9 21:24:27 UTC 2010
> Once you open up port 22 on your mythtv box to the internet,
> it will be hit by computers trying to hack into it (check out
> logwatch to find out). If you leave userID logins enabled,
> odds are you will eventually get hacked.
I do allow user logins on my ssh server. I use the nifty program called
fail2ban. It watches for failed login attempts (on many services, not just
ssh) and will add a temporary iptables blacklist entry for the offending IP
address. After 10 minutes, it lifts the ban. It stops the script kiddies.
Most of the time, after the initial ban, I don't see them again. I guess
their script moves on to the next host in their list. If they are
persistent, they can only try 3-5 passwords every 10 minutes.
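
Added example, not part of the original post and not fail2ban's own code: a small replay of the ban policy described above, showing how few password guesses still reach sshd when a scanner keeps hammering. The 10-minute ban is from the post; the retry threshold, counting window, hostname, user names, addresses and log lines are assumptions constructed for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values: the post gives only the 10-minute ban and "3-5 passwords".
MAXRETRY = 3                      # failures tolerated before a ban
FINDTIME = timedelta(minutes=10)  # window in which failures are counted
BANTIME = timedelta(minutes=10)   # how long the iptables entry would stay

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d+\.\d+\.\d+\.\d+) ")

def replay(lines, year=2010):
    """Replay a log recorded with no ban in place; count per IP what a ban would stop."""
    recent = defaultdict(deque)   # ip -> timestamps of counted failures
    banned_until = {}             # ip -> time the ban is lifted
    stats = defaultdict(lambda: {"reached": 0, "blocked": 0, "bans": 0})
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # not an sshd password failure
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ts < banned_until.get(ip, datetime.min):
            stats[ip]["blocked"] += 1   # packet dropped, sshd never sees it
            continue
        stats[ip]["reached"] += 1
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > FINDTIME:
            window.popleft()            # forget failures older than FINDTIME
        if len(window) >= MAXRETRY:
            banned_until[ip] = ts + BANTIME
            stats[ip]["bans"] += 1
            window.clear()
    return dict(stats)

def constructed_log():
    """Constructed sample: a scanner guessing every 30 s for 25 min, plus one typo."""
    start = datetime(2010, 2, 9, 3, 0, 0)
    fmt = "{:%b} {:2d} {:%H:%M:%S} mythbox sshd[2211]: Failed password for {} from {} port 40022 ssh2"
    lines = [fmt.format(t, t.day, t, "invalid user admin", "203.0.113.7")
             for t in (start + timedelta(seconds=30 * k) for k in range(50))]
    lines.append(fmt.format(start, start.day, start, "alice", "198.51.100.20"))
    return lines

if __name__ == "__main__":
    print(replay(constructed_log()))
```

With these assumed settings, 9 of the scanner's 50 guesses get through in 25 minutes, and the single mistyped password from the other address never triggers a ban.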