Thanks Lars, for sharing the interesting article. I also recommend that people use fail2ban <http://www.fail2ban.org>. It is a simple tool that looks at logs to fend brute force
--- Regards, Saptarshi PURKAYASTHA On 28 September 2014 16:37, Bob Jolliffe <bobjolli...@gmail.com> wrote: > Some interesting thoughts but i wouldn't buy his main argument (I've read > it before). The last comment by 'Dicer; is important. Of course your sshd > can be discovered (using nmap or the like) but it takes a little time. > Time which is generally more profitably spent hunting down the next port 22 > listener. > > For the "annoying" -P problem of scp (and other progarms like rsync) which > expect ssh on port 22, that's what ~/.ssh/config is for :-) See > http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/ > for example. > > Having said that its really important to know that shifting the port is > one of a number of measures, not a solution in itself - the more important > being disabling root access and password authentication. > > Port knocking is clever .. used to do this on SA gov periphery firewalls. > Haven't really bothered in recent times, but maybe something to consider in > these turbulent times. > > Meanwhile i continue to shift my ssh port and encourage others to do the > same :-) > > Cheers > Bob > > On 28 September 2014 17:09, Lars Helge Øverland <larshe...@gmail.com> > wrote: > >> "Why putting ssh on another port than 22 is a bad idea": >> >> >> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/ >> >> Lars >> >> _______________________________________________ >> Mailing list: https://launchpad.net/~dhis2-devs >> Post to : dhis2-devs@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~dhis2-devs >> More help : https://help.launchpad.net/ListHelp >> >> > > _______________________________________________ > Mailing list: https://launchpad.net/~dhis2-devs > Post to : dhis2-devs@lists.launchpad.net > Unsubscribe : https://launchpad.net/~dhis2-devs > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp
