Connection Wifi-SSH Name – Alisa Wifi Password (Security): alisa@12.
Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these...
Transcript of Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these...
![Page 1: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/1.jpg)
UnderstandingVPSSecurityviaSSH
PatPannuto/MarcusDarden/CameronGagnon(fortoday!)
![Page 2: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/2.jpg)
Today'sDefinitions-VPS
![Page 3: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/3.jpg)
Today'sDefinitions-VPS
-PAM
![Page 4: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/4.jpg)
Today'sDefinitions-VPS
-PAM
-SPAM
![Page 5: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/5.jpg)
Today'sDefinitions-VPS
-PAM
-SSH
![Page 6: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/6.jpg)
ReallyToday'sDefinitions-VirtualPrivateServers(VPS)
-PluggableAuthenticationModules(PAM)
-SecureSHell(SSH)
![Page 7: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/7.jpg)
ReallyToday'sDefinitions-VirtualPrivateServers(VPS)
Homework1!
-PluggableAuthenticationModules(PAM)
-SecureSHell(SSH)
![Page 8: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/8.jpg)
ReallyToday'sDefinitions-VirtualPrivateServers(VPS)
Homework1!
-PluggableAuthenticationModules(PAM)
-SecureSHell(SSH)Matt'spostonPiazza!
![Page 9: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/9.jpg)
NowYouKnow
![Page 10: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/10.jpg)
Project'sGoal-Showusthepasswordsofpeople(orprograms)tryingtoauthenticatetotheVirtualPrivateServer
![Page 11: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/11.jpg)
Project'sGoal-Showusthepasswordsofpeople(orprograms)tryingtoauthenticatetotheVirtualPrivateServer
Lecture'sGoal-Showhowknowledgefromthisclasscanbeapplied
![Page 12: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/12.jpg)
SettingupaVirtualPrivateServer-Whatdoyoudowhenyoufirstsetupanewcomputer,phone,orpersonaldevice?
![Page 13: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/13.jpg)
SettingupaVirtualPrivateServer-Whatdoyoudowhenyoufirstsetupanewcomputer,phone,orpersonaldevice?
DotfilesHomework12!
![Page 14: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/14.jpg)
SettingupaVirtualPrivateServer-Whatdoyoudowhenyoufirstsetupanewcomputer,phone,orpersonaldevice?
DotfilesHomework12!
~/.ssh/config
Hostc4cs-lecture
Hostname138.236.11.81
Userroot
IdentityFile~/.ssh/id_rsa_do_pnu
RegularandAdvancedHomework12
![Page 15: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/15.jpg)
Let'sdiveinhttps://github.com/cameron-gagnon/ssh_pass_logging
![Page 17: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/17.jpg)
InstallingthePAMmoduleWheredidwelearnhowprogramsgetconfigurationinformation?
![Page 18: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/18.jpg)
InstallingthePAMmoduleWheredidwelearnhowprogramsgetconfigurationinformation?
Lecture3!
![Page 19: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/19.jpg)
InstallingthePAMmoduleWheredidwelearnhowprogramsgetconfigurationinformation?
Lecture3!
AlternativestoaPAMmoduleInstallandcompileOpenSSHfromsourcewhileaddingthispatch.Wouldgettotieinpackagemanagers(Week12!)
![Page 20: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/20.jpg)
Scripting#fromcreate_initial_users.sh
#listofsomedefaultusernamestoadd
whileIFS=''read-ruser||[[-n"$user"]];
do
./honeypot_user.sh"$user"
done<"usernames.txt"
RegularandAdvancedHomework3AdvancedHomework6
![Page 21: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/21.jpg)
PipingcommandsFromLecture6
ifconfigenp0s3|grep'inet'|tr-s"[:space:]"":"|cut-d":"-f4
Fromthe Makefile
cat/var/log/passwords|cut-d';'-f3|grep-vE
'^[[:cntrl:]]|^[[:space:]]*$$'|cut-d=-f2|tr-d''|sort|uniq|
tee-ausernames.txt
![Page 22: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/22.jpg)
SecurityWhattodoaboutalltheseattempts?
Configuresettingsin /etc/ssh/sshd_config topreventpasswordbasedauthenticationfail2ban
![Page 23: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/23.jpg)
Attendance
![Page 24: Understanding VPS Security via SSH · 2020. 4. 10. · Security What to do about all these attempts? Configure settings in /etc/ssh/sshd_config to prevent password based authentication](https://reader033.fdocuments.in/reader033/viewer/2022060911/60a5af668df96f50381040ce/html5/thumbnails/24.jpg)
Questions?