I ssh to a server which has 400+ users, active ones around 100.
Frankly speaking, I would feel comfortable to hide my IP if possible,
any suggestions (I checked the spoof, but seems not positive),
Thanks with best regards,
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503242D3.3030108@gmail.com">http://lists.debian.org/503242D3.3030108@gmail.com
08-20-2012, 02:02 PM
lina
Is it possible to hide the ip in ssh connection
On Monday 20,August,2012 09:59 PM, lina wrote:
> Hi,
>
> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if possible,
>
> any suggestions (I checked the spoof, but seems not positive),
>
> Thanks with best regards,
>
>
Another question, how do I know whether there are some people are
attempting to invade my laptop, my username, ip are all exposed there.
I do know very little,
Thanks again,
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5032437F.3090709@gmail.com">http://lists.debian.org/5032437F.3090709@gmail.com
08-20-2012, 02:22 PM
Gaël DONVAL
Is it possible to hide the ip in ssh connection
Le lundi 20 août 2012 à 22:02 +0800, lina a écrit :
> On Monday 20,August,2012 09:59 PM, lina wrote:
> > Hi,
> >
> > I ssh to a server which has 400+ users, active ones around 100.
> >
> > Frankly speaking, I would feel comfortable to hide my IP if possible,
> >
> > any suggestions (I checked the spoof, but seems not positive),
> Another question, how do I know whether there are some people are
> attempting to invade my laptop, my username, ip are all exposed there.
An IP address is like your (real) home address.
You are free to send a letter without your true home address on it. You
can spoof it. But then, don't expect a reply: if one is sent, the
recipient would be the one whom address has been spoofed by you.
ssh is like a mail correspondence between you and the remote server: if
you spoof your IP address, you wont be able to use it because you wont
get any reply.
As well, I guess knowing a home address has never helped any robber to
break into a house.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1345472549.4593.19.camel@p76-nom-gd.cnrs-imn.fr">http://lists.debian.org/1345472549.4593.19.camel@p76-nom-gd.cnrs-imn.fr
08-20-2012, 02:33 PM
Camaleón
Is it possible to hide the ip in ssh connection
On Mon, 20 Aug 2012 21:59:47 +0800, lina wrote:
> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if possible,
>
> any suggestions (I checked the spoof, but seems not positive),
You mean to hide your ssh remote connecting IP address? If you have
several outgoing network devices you can choose between them to stablish
a connection by means of "-b" argument.
Also, Google seems to return a bunch of results:
http://en.lmgtfy.com/?q=ssh+fake+ip+address
Anyway, I wonder what's what you fear of. You can hide your originating
IP but your username and your activities can be still tracked at least by
the admins >:-)
Greetings,
--
Camaleón
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/k0thrp$mg3$9@ger.gmane.org
08-20-2012, 02:40 PM
Mika Suomalainen
Is it possible to hide the ip in ssh connection
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 20.08.2012 16:59, lina wrote:
>
> I ssh to a server which has 400+ users, active ones around 100.
>
> Frankly speaking, I would feel comfortable to hide my IP if
> possible,
>
> any suggestions (I checked the spoof, but seems not positive),
Try proxychains and tor. [Homepage] of proxychains says
"* Run SSH, telnet, wget, ftp, apt, vnc, nmap through proxy servers."
[Homepage]:http://proxychains.sourceforge.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: gpg --fetch-keys http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
Comment: Why do I (clear)sign emails? http://git.io/6FLzWg
Comment: Please remove PGP lines in replies. http://git.io/nvHrDg
Comment: Charset of this message should be UTF-8.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 50324C79.40106@users.sourceforge.net">http://lists.debian.org/50324C79.40106@users.sourceforge.net
08-20-2012, 02:44 PM
Mika Suomalainen
Is it possible to hide the ip in ssh connection
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 20.08.2012 17:02, lina wrote:
> On Monday 20,August,2012 09:59 PM, lina wrote:
>>> Hi,
>>>
>>> I ssh to a server which has 400+ users, active ones around
>>> 100.
>>>
>>> Frankly speaking, I would feel comfortable to hide my IP if
>>> possible,
>>>
>>> any suggestions (I checked the spoof, but seems not positive),
>>>
>>> Thanks with best regards,
>>>
>>>
> Another question, how do I know whether there are some people are
> attempting to invade my laptop, my username, ip are all exposed
> there.
If you have SSHd and that is what you are worried about, grep ssh from
/var/log/auth.log .
I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
And you might also want to install something like SSHGuard (package
sshguard) to protect your SSHd and other services, which it protects
from attackers. http://www.sshguard.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: gpg --fetch-keys http://mkaysi.github.com/PGP/0x82A46728.txt
Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
Comment: Why do I (clear)sign emails? http://git.io/6FLzWg
Comment: Please remove PGP lines in replies. http://git.io/nvHrDg
Comment: Charset of this message should be UTF-8.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 50324D55.10007@users.sourceforge.net">http://lists.debian.org/50324D55.10007@users.sourceforge.net
08-20-2012, 02:47 PM
Ralf Mardorf
Is it possible to hide the ip in ssh connection
On Mon, 2012-08-20 at 16:22 +0200, Gaël DONVAL wrote:
> Le lundi 20 août 2012 à 22:02 +0800, lina a écrit :
> > On Monday 20,August,2012 09:59 PM, lina wrote:
> > > Hi,
> > >
> > > I ssh to a server which has 400+ users, active ones around 100.
> > >
> > > Frankly speaking, I would feel comfortable to hide my IP if possible,
> > >
> > > any suggestions (I checked the spoof, but seems not positive),
> > Another question, how do I know whether there are some people are
> > attempting to invade my laptop, my username, ip are all exposed there.
>
> An IP address is like your (real) home address. [snip]
No it's not, it's still secret enough for averaged usage. Only a curt is
able to allow that your IP becomes as open as your "(real) home address"
and that just to a small group of known people. Everybody has a right of
private sphere and IP addresses keep private sphere. If you plan to bomb
the Deutsche Parlament, than don't worry about security issues regarding
to the IP address. If so, you need completely different security, but
hiding your IP. If you, Lina, worry stalking from an ex-boyfriend, than
the IP address is something that he doesn't need, since he knows too
much about you, that is much more informing, how and where you live
today. Conspiration, stalking etc. does happen, but usually nobody needs
an IP. Idiots as lawyers need an IP, to sue fans of mainstream
pop-rock-bands. The Federal (German) Intelligence Service prefers
profilers.
Read the magazine "conspiracy theorist today" .
Regards,
Ralf
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/1345474061.1285.47.camel@localhost.localdomain
08-20-2012, 03:09 PM
lina
Is it possible to hide the ip in ssh connection
On Monday 20,August,2012 10:44 PM, Mika Suomalainen wrote:
> On 20.08.2012 17:02, lina wrote:
>> On Monday 20,August,2012 09:59 PM, lina wrote:
>>>> Hi,
>>>>
>>>> I ssh to a server which has 400+ users, active ones around
>>>> 100.
>>>>
>>>> Frankly speaking, I would feel comfortable to hide my IP if
>>>> possible,
>>>>
>>>> any suggestions (I checked the spoof, but seems not positive),
>>>>
>>>> Thanks with best regards,
>>>>
>>>>
>> Another question, how do I know whether there are some people are
>> attempting to invade my laptop, my username, ip are all exposed
>> there.
>
> If you have SSHd and that is what you are worried about, grep ssh from
> /var/log/auth.log .
This is the first time I know the auth.log
Aug 20 16:06:14 Debian sshd[10509]: Did not receive identification
string from 172.21.48.161
Aug 20 16:06:42 Debian sshd[10510]: Invalid user administrator from
172.21.48.161
Aug 20 16:06:43 Debian sshd[10510]: Failed password for invalid user
administrator from 172.21.48.161 port
56139 ssh2
Aug 20 16:06:44 Debian sshd[10510]: Connection closed by 172.21.48.161
[preauth]
172.21.48.161 is not the ip of any servers I connected to.
and for ssh I use public keys to connect to sever, don't use password.
For the whole day I didn't shut down the laptop, 172.21.50.108 is the
ip, and furthermore I checked
# more syslog | grep 172.21.48.161
# more syslog.1 | grep 172.21.48.161
my laptop has never been bound to this IP before.
I don't know shall I be a bit appalled or not.
> I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
>
> And you might also want to install something like SSHGuard (package
> sshguard) to protect your SSHd and other services, which it protects
> from attackers. http://www.sshguard.net/
Thanks very much.
Best regards,
>
>
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5032531F.2000204@gmail.com">http://lists.debian.org/5032531F.2000204@gmail.com
08-20-2012, 03:15 PM
Lars Noodén
Is it possible to hide the ip in ssh connection
It looks like it is possible to use Tor as a proxy:
If this document is correct, it is very easy to set up. That would
obfuscate the ip number you are connecting from by adding a jump in the
middle. The target server would only see that last step.
Regards,
/Lars
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503254A9.6080303@gmail.com">http://lists.debian.org/503254A9.6080303@gmail.com
08-20-2012, 03:15 PM
lina
Is it possible to hide the ip in ssh connection
On Monday 20,August,2012 10:44 PM, Mika Suomalainen wrote:
> On 20.08.2012 17:02, lina wrote:
>> On Monday 20,August,2012 09:59 PM, lina wrote:
>>>> Hi,
>>>>
>>>> I ssh to a server which has 400+ users, active ones around
>>>> 100.
>>>>
>>>> Frankly speaking, I would feel comfortable to hide my IP if
>>>> possible,
>>>>
>>>> any suggestions (I checked the spoof, but seems not positive),
>>>>
>>>> Thanks with best regards,
>>>>
>>>>
>> Another question, how do I know whether there are some people are
>> attempting to invade my laptop, my username, ip are all exposed
>> there.
>
> If you have SSHd and that is what you are worried about, grep ssh from
> /var/log/auth.log .
BTW, what is the 172.21.48.161, seems in the old auth.log* also has this
one.
# zmore auth.log.2.gz | grep 172.21.48.161
Aug 5 16:05:13 Debian sshd[15369]: Did not receive identification
string from 172.21.48.161
Aug 5 16:05:36 Debian sshd[15370]: Invalid user administrator from
172.21.48.161
Aug 5 16:05:36 Debian sshd[15370]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 5 16:05:38 Debian sshd[15370]: Failed password for invalid user
administrator from 172.21.48.161 port 54999 ssh2
Aug 5 16:05:40 Debian sshd[15370]: Connection closed by 172.21.48.161
[preauth]
Aug 6 04:04:45 Debian sshd[19015]: Did not receive identification
string from 172.21.48.161
Aug 6 04:05:09 Debian sshd[19016]: Invalid user administrator from
172.21.48.161
Aug 6 04:05:09 Debian sshd[19016]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 6 04:05:10 Debian sshd[19016]: Failed password for invalid user
administrator from 172.21.48.161 port 59847 ssh2
Aug 6 04:05:11 Debian sshd[19016]: Connection closed by 172.21.48.161
[preauth]
Aug 6 16:06:08 Debian sshd[23030]: Did not receive identification
string from 172.21.48.161
Aug 6 16:06:29 Debian sshd[23032]: Invalid user administrator from
172.21.48.161
Aug 6 16:06:29 Debian sshd[23032]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 6 16:06:31 Debian sshd[23032]: Failed password for invalid user
administrator from 172.21.48.161 port 49880 ssh2
Aug 6 16:06:32 Debian sshd[23032]: Connection closed by 172.21.48.161
[preauth]
Aug 7 04:04:44 Debian sshd[916]: Did not receive identification string
from 172.21.48.161
Aug 7 04:05:07 Debian sshd[917]: Invalid user administrator from
172.21.48.161
Aug 7 04:05:07 Debian sshd[917]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.48.161
Aug 7 04:05:09 Debian sshd[917]: Failed password for invalid user
administrator from 172.21.48.161 port 55548 ssh2
Aug 7 04:05:23 Debian sshd[917]: Connection closed by 172.21.48.161
[preauth]
Thanks again,
Best regards,
> I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
>
> And you might also want to install something like SSHGuard (package
> sshguard) to protect your SSHd and other services, which it protects
> from attackers. http://www.sshguard.net/
>
>
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 503254AB.8030203@gmail.com">http://lists.debian.org/503254AB.8030203@gmail.com
Is it possible to hide the ip in ssh connection
.
