On 29/01/14 01:18, Joe wrote: > On Tue, 28 Jan 2014 11:58:22 +0000 > Brian <a...@cityscape.co.uk> wrote: > >> On Tue 28 Jan 2014 at 09:46:43 +0000, Joe wrote: >>
<snipped> >> >> > > Good passwords, no. But most of the posts I've seen about hacked Linux > installations where the point of entry was known seem to blame ssh, > possibly because most private installations don't have any other > internet-facing services. > >Somebody must be doing something wrong. > Enabling ssh password login *and* not using portknocking or at an absolute minimum - fail2ban?? Possibly as the result of an ad-hoc approach to "security" (paint by numbers) rather than a comprehensive approach based on a needs based analysis. Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52e837a0.9080...@gmail.com
