14 Mar
2010
14 Mar
'10
12:11 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 14/03/2010 08:51, Andy Smith wrote:
6) Move sshd to another port.
[snip]
Moving the SSH port is probably the most effective of all, but I
think it would be really confusing and not accepted by people, to
find that their SSH was provisioned e.g on port 2022 to begin with.
I find this to be quite the best way of severely reducing, if not
removing, the incidence of untargeted SSH dictionary attacks (I do keys
/ valid username restriction / no root login too). I can't remember the
last time I saw a failed SSH attempt in the logs.
Cheers
Dominic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkuc0lYACgkQC9o1X6ZWkII8wQCgk0biSRYbyWOofXIrYWDsC0Xx
G5gAn3IZCjs+/ic6nR1uv6fK2b+uHOxj
=rdcE
-----END PGP SIGNATURE-----