[mythtv-users] Securing mythweb

Mike Perkins mikep at randomtraveller.org.uk
Wed Feb 10 15:46:29 UTC 2010

Kevin Ross wrote:
>> Once you open up port 22 on your mythtv box to the internet,
>> it will be hit by computers trying to hack into it (check out
>> logwatch to find out).  If you leave userID logins enabled,
>> odds are you will eventually get hacked.
> I do allow user logins on my ssh server.  I use the nifty program called
> fail2ban.  It watches for failed login attempts (on many services, not just
> ssh) and will add a temporary iptables blacklist entry for the offending IP
> address.  After 10 minutes, it lifts the ban.  It stops the script kiddies.
> Most of the time, after the initial ban, I don't see them again.  I guess
> their script moves on to the next host in their list.  If they are
> persistent, they can only try 3-5 passwords every 10 minutes.
Not going to work. The bad guys figured this out, oh, maybe a year ago. Now, 
each host on their botnet tries *once* each with a password attempt before 
moving on. This means that you have plenty of single, unique IP addresses 
hammering your firewall all day. It gets old real quick.


Mike Perkins
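
The pattern described in the reply above, where each botnet host makes only one attempt, never trips a per-address retry limit, but it does show up when distinct failing sources are counted over a time window. The following is an added example, not part of the original message: the sshd log lines are constructed, and the thresholds, the year and the function names are assumptions.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

# Constructed sample (documentation IP ranges): one noisy host, six
# single-attempt hosts, and one successful login that must be ignored.
SAMPLE_LOG = "\n".join(
    [f"Feb 10 15:00:0{s} myth sshd[100]: Failed password for root "
     f"from 203.0.113.9 port 4000 ssh2" for s in range(1, 5)]
    + [f"Feb 10 15:0{m}:00 myth sshd[200]: Failed password for invalid user "
       f"admin from 198.51.100.{m} port 4000 ssh2" for m in range(1, 7)]
    + ["Feb 10 15:07:00 myth sshd[300]: Accepted password for mythuser "
       "from 192.0.2.10 port 4000 ssh2"])

FAILED = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?(\S+) from (\S+) port")

def parse_failures(log, year=2010):
    """Return sorted (timestamp, user, ip) tuples; syslog omits the year."""
    events = []
    for line in log.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((ts, m.group(2), m.group(3)))
    return sorted(events)

def per_ip_bans(events, max_retry=3):
    """Per-address view (simplified: no find-time window): IPs with >= max_retry failures."""
    counts = Counter(ip for _, _, ip in events)
    return {ip for ip, n in counts.items() if n >= max_retry}

def distributed_sources(events, window=timedelta(minutes=10), min_ips=5):
    """Aggregate view: IPs seen in any window holding >= min_ips distinct failing sources."""
    recent, flagged = deque(), set()
    for ts, _user, ip in events:
        recent.append((ts, ip))
        while recent[0][0] <= ts - window:   # drop events older than the window
            recent.popleft()
        ips = {i for _, i in recent}
        if len(ips) >= min_ips:
            flagged |= ips
    return flagged

if __name__ == "__main__":
    ev = parse_failures(SAMPLE_LOG)
    banned = per_ip_bans(ev)
    print("per-IP limit catches:", sorted(banned))
    print("missed, but visible in aggregate:", sorted(distributed_sources(ev) - banned))
```

An alert from the aggregate view is a signal to reduce what is exposed, for example by disabling password logins, since banning each single-use address individually does not scale.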
