 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Sun, 2005-11-20 at 20:20 -0500, Bob George wrote: > David Kramer wrote: > > > [...]Thanks all. I guess it's best to just ignore it, now that I > > tightened up > > > >ssh a little and ensured nothing actually got through. > > > > > Keep in mind there have been exploits against ssh before. You might move > it to a non-default, higher port just to avoid being trivial to > discover, in addition to all the other measures. At least that way, a > full discovery port scan will take a lot longer to complete. This actually works wonders. I too have gnarly passwords but got sick of seeing half a dozen script kiddies fiddling around on port 22 every day - IP addrs from everywhere on the planet. I closed 22 at my firewall, opened a higher port, reconfigured sshd and haven't heard a peep out of them ever since. Next time I do I'll be switching to a 'knock and enter' scheme: ping this port, ping that one and my ssh port magically appears on the third. ccb -- Charles C. Bennett, Jr. <ccb at acm.org>
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
