Re: [bitfolk] The perils of opening tcp/22 to the Internet

Top Page
This message is part of the following thread:
M--++-\the complete thread tree sorted by date
M+\MM.MKai Hendry at <-
MMM.MMMathew Newton at ->

Reply to this message
Author: Casper Gasper
Date:  
To: James Gregory
CC: users
Subject: Re: [bitfolk] The perils of opening tcp/22 to the Internet
I'm no longer a bitfolk customer, but IMHO:

>> 3) Disable root login.
>
> I would say yes for every OS. There shouldn't really be any need to
> log in as root (esp if you can su/sudo up to it).

I'm not sure this gets you much -- many bots just want to send
email/packets to other networks which can be done with regular
accounts.

>>
>> 6) Move sshd to another port.
>
> More of a security by obscurity approach, but it would limit the
> inbound attacks.


Running ssh on a non-standard port is the best option in terms of
setup time and effectiveness -- it won't deter a dedicated attack, but
it stops you being the low-hanging fruit.

Casper.

This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] Remote syslog?Re: [bitfolk] The perils of opening tcp/22 to the Internet->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.1)