Stop SSH from Listening on IPv6

By default, SSH listens on both IPv4 and IPv6, if you don’t connect using IPv6 then you can disable it entirely from listening. Example: [email protected]:~# netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0* LISTEN 2241/sshd tcp 0 0* LISTEN… Read more »

Hardening SSHD for Security

The secure shell daemon should be hardened to prevent unauthorised access before being put into a production environment or exposed to the internet. 1. Verify the /etc/ssh/sshd_config file contains the following lines and that they are not commented out: Protocol 2 IgnoreRhosts yes HostbasedAuthentication no PermitRootLogin no PermitEmptyPasswords no AllowTcpForwarding no (unless needed) X11 Forwarding… Read more »

Setting up BackTrack 5 R3

Setting up BackTrack 5 R3 Out of the box you might find that BackTrack 5 doesn’t give you some basic services, this is just a quick note on how to make things work. Run all commands without the “#” Update Packages #apt-get update #apt-get upgrade Enable SSH Keys Generate SSH Keys #sshd-generate AutoStart SSH #update-rc.d… Read more »