I've been crazily busy lately, finally got a chance to check our fabulous CDOT planet again. Saw a few nice posts from LUX classmates. As the king of blog in LUX class, of course I have to post something, I'm gonna beat Kezong!! hehe... (see below for Kezhong's blog)
Yesterday I just did public key authentication too. You can actually do the following to minimize all the work. All you have to do is copy and paste following and type your password twice. :-)
===== Commands =====
##### Step: 1 #####
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
Key=`cat ~/.ssh/id_rsa.pub `
ssh -f -q nestor@bossanesta.ath.cx "echo $Key >> .ssh/authorized_keys"
##### Step: 2 #####
ssh -f -q nestor@bossanesta.ath.cx chmod 600 .ssh/authorized_keys
===== Verify =====
# if dosen't work, you can always use verbose/debug mode to see the ssh process..
ssh -vv bossanesta.ath.cx
# if still dosen't work and you're sure your file and permission is right, you may want to check the server sshd config file and make sure Public Key authentication is enabled. It's enabled by default anyway. Also you may need to create and change the ~/.ssh folder permission by yourself, if you have never ssh "from" the server/target.
##### IF SOMETHING GOES WRONG #####
Just follow the official guide step by step.. :-)
=== LINK ===
OpenSSH Public Key Authentication
A professional article about Public Key Authentication from very profession LUX student
Tuesday, June 30, 2009
Wednesday, June 3, 2009
Weekend; Toronto Island; Unplug day..
I've been quite busy for work and things that I want to learn in this field. Last week was very busy. So, last weekend, I decided not to do any thing about computer.. well.. i did tried. I went to Toronto Island for photography. I found that's the best way to be away of computer and get some real fresh away. :-)
I did about 300, 400 photos in there, went there around 5pm and start shooting once I was on a boat. I was surprised that view was so good from Toronto Island. Too bad there were a bit of fogs. I should go there one more time when humility was low. Any way, hope you enjoy the photos. Save them as your wallpaper if you want. :-)
hackers; spider; IDS; spam
In last few days, I've been getting a lot of possible attack warning from my IDS. Before, i always get some local port scan, brut force attack. Yesterday, I found one form Hong Kong.. i was like.. how could that be?
Then, I found the reason. 1,2 days ago.. I login to a photography site and post some of my photos, and I updated my profile and put my domain name on it. That site is from HK.. so.. I guess that explain why I got more attacker from HK.
Nes: 20090603:2030
I totally forgot to mention about "spider". I believe after posting that photo site (dcfever.com) I got attack from HK. I believe somehow some hacker use spider program to search every one's profile and see if there is a site. I believe that's how they got my site. I'm putting myself in a hacker's situation, I would do this. Why waste the time to surf every one's profile and see if there is any possible site to attack?:-)
I've been thinking to do something interesting to my possible attacker. I was thinking to hack them back.. but. hehe... i'm not a good hacker and i dun wanna get in big trouble. So, I've been thinking to telnet their mail port (25) and use snmp protocol to send them an email and tell them that there is 'someone' trying to hack other people's network. (hey, if someone trying to login my ssh with root or ssh more than 5 and it's not me, i'm sure that's not accident!!) That would be fun.. but I think i'll have to mangle my IP too. Just send that mail command, i wouldn't care if i got receive back.
Unfortunately, my Rogers broadband block port 25.. sigh.. I've been thinking to switch an other ISP.. found one for $45 with a static IP and all port open!! That seems to be a good choice tho.
Then, I found the reason. 1,2 days ago.. I login to a photography site and post some of my photos, and I updated my profile and put my domain name on it. That site is from HK.. so.. I guess that explain why I got more attacker from HK.
Nes: 20090603:2030
I totally forgot to mention about "spider". I believe after posting that photo site (dcfever.com) I got attack from HK. I believe somehow some hacker use spider program to search every one's profile and see if there is a site. I believe that's how they got my site. I'm putting myself in a hacker's situation, I would do this. Why waste the time to surf every one's profile and see if there is any possible site to attack?:-)
I've been thinking to do something interesting to my possible attacker. I was thinking to hack them back.. but. hehe... i'm not a good hacker and i dun wanna get in big trouble. So, I've been thinking to telnet their mail port (25) and use snmp protocol to send them an email and tell them that there is 'someone' trying to hack other people's network. (hey, if someone trying to login my ssh with root or ssh more than 5 and it's not me, i'm sure that's not accident!!) That would be fun.. but I think i'll have to mangle my IP too. Just send that mail command, i wouldn't care if i got receive back.
Unfortunately, my Rogers broadband block port 25.. sigh.. I've been thinking to switch an other ISP.. found one for $45 with a static IP and all port open!! That seems to be a good choice tho.
Subscribe to:
Posts (Atom)
