How should I react to break in attempts
Matt Morgan
minxmertzmomo at gmail.com
Fri Apr 8 21:09:24 UTC 2005
On Apr 8, 2005 10:25 AM, Arthur Pemberton <dalive at flashmail.com> wrote:
> I'm gettign mail from logwatch as to the following:
>
> root (en201247.uac63.hknet.com): 3 Time(s)
>
> What's my best plan of action to respond to such? Yes I root logins via
> sshd disabled.
>
> Thanks for the advice.
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
I like running sshd on a non-standard port. That stopped all bogus
attempts for me. It's easy to do this with the port setting in
sshd.conf.
The disadvantage is that many corporate firewalls restrict outgoing
traffic on funny ports, so if you're trying to connect from inside
such a firewall, you won't be able to use just any port.
More information about the fedora-list
mailing list