Thursday, June 29, 2006

Under Attack

I used to be a computer geek. Really, it's true. I always wanted to be a unix kernel hacker like my friend Special K. But alas, it was not to be.

I keep some remnants of my previous life. I try to stay hip to what the kids are doing nowadays. I've got accounts on pretty much every Web 2.0 site in the world. I've got my own FreeBSD server dishing out pictures.

But my powers are waning. I use Windows as my primary operating system; heck, I even use Outlook to read my work email. I'm using Flickr more and gallery less.

Which brings me to tigger. tigger, my network server, has been under attack for months. Every morning I get a security report, and typically I have several hundred failed logins to my SSH server (which would get them real access to the box). They come from different addresses each day, so I can't just block one net.

I've spent a little time trying to stop it. I read the man page for sshd_config many times, and tweaked some options. I messed with hosts.allow to keep out foreigners. I've spend hours working on my ipfw firewall rules (which I totally have lost control of). All to no avail. I'm considering just disabling sshd altogether. This would keep the bad guys out, but would also prevent me from being able to remotely get to my system when I need to.

I don't want to give up, but I don't have time and I'm out of ideas.

Do any of the remaining geeks out there have any suggestions?

Bonus points to anyone who can improve my wifi range -- I have a terrible connection in my bedroom, which is where all the wireless client devices hang out. Are there secret ifconfig ath0 options I can tweak?

No comments:

Post a Comment