How should I react to break in attempts
Steven Stern
subscribed-lists at sterndata.com
Fri Apr 8 23:39:12 UTC 2005
Jan Morales wrote:
> Yesterday a single host out there made over 300 attempts to login to
> sshd on my server. My feeling is that I can't stop people from trying,
> so my only goal is to prevent them from succeeding. Use a firewall
> and/or iptables or similar things, lock out unused logins, use good
> passwords on active logins, kill unnecessary services, stay up to date
> on security updates, etc. Someone once said that the only way to
> absolutely guarantee a computer's security is to unplug it. Short of
> that, approach computer security diligently, because people out there
> will try to break in.
>
> Arthur Pemberton wrote:
>
I edited the SSHd config file to listen on a port other than 22.
Alternatively, you could use IPTABLES to route some port (say 2022) to
port 22.
--
Steve
More information about the fedora-list
mailing list