[mythtv-users] ssh attack

Korey Fort k.m.fort at gmail.com
Thu Dec 29 23:58:53 EST 2005


Get DenyHosts it's a program that tracks log in attempts, if the
account/password is wrong a certain amount of times it will put it in
/etc/host.deny file and block them from attempting. It works great, just
don't forget your password with out a keyboard and monitor connected
directly to the box (before you set it up to ignore certain ip's/users) or
it'll be curtains for you!!

"Let ye without segmentation fault cast the first int!"

Korey Fort

-----Original Message-----
From: mythtv-users-bounces at mythtv.org
[mailto:mythtv-users-bounces at mythtv.org] On Behalf Of Chad
Sent: Thursday, December 29, 2005 8:55 PM
To: Discussion about mythtv
Subject: Re: [mythtv-users] ssh attack

On 12/29/05, Matt Harris <hdinfo at nc.rr.com> wrote:
> This of course won't happen behind a properly configured firewall,
correct?
>
> Darren Hart wrote:
>
> > I'm sure nobody here is dumb enough to do this, but since I was,
> > thought I'd pass the word.
> >
> > There is an ssh attack going around with a brute force login using
> > 2187 different username/password pairs, one such pair happens to be:
> >
> > mythtv:mythtv
> >
> _______________________________________________

MythTV shouldn't be on the external network anyway, IMHO.  I grab my
listings on a seperate box that is directly connected, it also hosts
my mysql db for myth, but myth isn't directly connected (it's actually
completely blocked when I do a port scan, and I've got un-necessary
services shut off/uninstalled).

Security can't be a sometimes thing, otherwise you end up a 45 year
old billionaire.

Chad
_______________________________________________
mythtv-users mailing list
mythtv-users at mythtv.org
http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users



More information about the mythtv-users mailing list