From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1E08OP-0008IW-T1 for garchives@archives.gentoo.org; Wed, 03 Aug 2005 01:50:02 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j731mkKk014138; Wed, 3 Aug 2005 01:48:46 GMT Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.199]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j731gxUs006172 for ; Wed, 3 Aug 2005 01:42:59 GMT Received: by wproxy.gmail.com with SMTP id i23so33915wra for ; Tue, 02 Aug 2005 18:43:24 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:subject:date:to:x-mailer:from; b=d0iCuAPCmyEU9uAfKSuxihr6pFbOdyqW/t9wT4ioQvhZaLArHoJB5JXP0WrhvU1k4tJWAFblT3sZatxTUGd27UgBWxroUM7IH/YY8R/om0VALtNdeIgVED/l6WxsbFqIv/wYeaB8WXJwLdm5Q/1ObuUwAkk7uoRlzS5i285D2Mg= Received: by 10.54.51.33 with SMTP id y33mr165227wry; Tue, 02 Aug 2005 18:43:24 -0700 (PDT) Received: from ?192.168.0.20? ([4.245.227.96]) by mx.gmail.com with ESMTP id 24sm223585wrl.2005.08.02.18.43.22; Tue, 02 Aug 2005 18:43:24 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 (Apple Message framework v733) In-Reply-To: <8f7a9d58050802181843723462@mail.gmail.com> References: <8f7a9d5805080216505f9b4a51@mail.gmail.com> <8f7a9d58050802181843723462@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit Subject: Re: [gentoo-user] Testing how secure a server is... Date: Tue, 2 Aug 2005 21:43:17 -0400 To: gentoo-user@lists.gentoo.org X-Mailer: Apple Mail (2.733) From: Colin X-Archives-Salt: 04e21d41-0274-4312-a24d-51c9f6891b3f X-Archives-Hash: bba19fc0af2eade6824ec3c8513154d7 On Aug 2, 2005, at 9:18 PM, Raphael Melo de Oliveira Bastos Sales wrote: > Hey Colin, > > I was looking at the /etc/ssh/sshd_config file and found these: > > LoginGraceTime 600 > MaxAuthTries 6 > > Is the first one what you meant? > > The second seems like an attempt to avoid brute force login. > Neither is what I was thinking of, but they're quite similar. LoginGraceTime means if nobody logged in within 10 minutes of the connection being opened, then it will be closed. I don't know exactly what MaxAuthTries does, but I imagine after the sixth invalid login, the connection would be closed. I found this site, check it out. It's for Red Hat (Gentoo is better!), but it's the same SSHd: http://www.faqs.org/docs/securing/chap15sec122.html > Also, does Grub need any kind of password protection? I don't know if > it was Grub or Lilo that allowed root access unless password > protected. Am I mistaken? GRUB does have some password protection, but it is optional and only needed IIRC if you want to boot something other than the default entry. > As you can see, I still have a lot to learn. ;) Me too. I'm waiting for some more hardware to arrive before I connect this server to the networks (it's primarily a NAT gateway with iptables, but also *for the LAN, not the Internet* runs Apache, ProFTPd, SSHd and rsyncd for Portage). -- Colin -- gentoo-user@gentoo.org mailing list