Re: Need urgent help regarding security
ray_at_redshift.com
Date: 11/21/05
- Previous message: Jeremie Le Hen: "Re: Need urgent help regarding security"
- In reply to: Marian Hettwer: "Re: Need urgent help regarding security"
- Next in thread: Marian Hettwer: "Re: Need urgent help regarding security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 21 Nov 2005 04:30:04 -0800 To: Marian Hettwer <MH@kernel32.de>
At 09:33 AM 11/21/2005 +0100, Marian Hettwer wrote:
| Hi there,
|
| ray@redshift.com wrote:
| >
| > Also, if you have access to the router, it's handy to re-write traffic from a
| > higher public port down to port 22 on the server, since that will trip up
anyone
| > doing scans looking for a connect on port 22 across a large number of IP's.
| >
| No. That's security by obscurity and doesn't make your system even a wee
| bit more secure.
| Disable root login via ssh (like already mentioned), enforce public-key
| authentication and maybe even go with OPIE.
|
| > Anyway, just a couple of ideas I thought might be helpful while on the subject
| > of SSH hardening :-)
| >
| all of them were about hardening, except the security by obscurity
| "put-the-sshd-on-another-port" advice ;)
| don't do that.
|
| Regards,
| Marian
Okay, I'll give you that. However, if someone was only scanning port 22, then
it would help keep you out of the scan :)
Ray
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Jeremie Le Hen: "Re: Need urgent help regarding security"
- In reply to: Marian Hettwer: "Re: Need urgent help regarding security"
- Next in thread: Marian Hettwer: "Re: Need urgent help regarding security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
