Re: Attacks on ssh port
From: Frankye - ML (listsucker_at_ipv5.net)
Date: Sat, 18 Sep 2004 18:37:15 +0200 To: firstname.lastname@example.org
On Sun, 19 Sep 2004 00:29:55 +1000 (EST)
Chris Ryan <email@example.com> wrote:
| > I've just moved the public port of the sshd on
| > another port, quite lame
| > but at least I'm not bothered by worms :)
| i believe this has to be one of the simplest ways of
| stopping incoming ssh attacks.
Of course, this is just to stop mindless (and quite lame in this case)
worms to fill my logs. It's almost-nonexistent impact on the complexity of
the system, and almost all the scans (by worms or people with a
portscanner) directed to ssh I've ever received are directed to 22 only.
This, btw, seems to be the case with all the people I've speaked with on
the subject, so I guess it's a good addition to the usual precautions
(disallow certain users, do not use passwords and so on, guess everyone
has a favorite receipt :)
-- Frankye Fattarelli |U| |P| |S|F| frankye.DIESPAMMERSDIE@ipv5.net |R| |S| |Y|I| this email is RFC 3514 compliant |G| |H| |N|N| _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "email@example.com"