On 29/01/14 01:18, Joe wrote: > On Tue, 28 Jan 2014 11:58:22 +0000 > Brian <[email protected]> wrote: > >> On Tue 28 Jan 2014 at 09:46:43 +0000, Joe wrote: >>
<snipped> >> >> > > Good passwords, no. But most of the posts I've seen about hacked Linux > installations where the point of entry was known seem to blame ssh, > possibly because most private installations don't have any other > internet-facing services. > >Somebody must be doing something wrong. > Enabling ssh password login *and* not using portknocking or at an absolute minimum - fail2ban?? Possibly as the result of an ad-hoc approach to "security" (paint by numbers) rather than a comprehensive approach based on a needs based analysis. Kind regards -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
