tightening ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've been reading up, and talking up, various security strategies. One thing 
that is striking to me in looking at logs for my servers are the endless ssh 
probes that go on. It appears to be one of the most common. Up till recently, 
I had dealt with this by using firewall rules to allow ssh access only to 
selected ip addresses - to all others, the port appears closed (I checked 
this with port scans). Now, I must change strategies. I need to give access 
to an associate who gets his dsl ip address via dhcp, so it's always 
changing. I'm not quite ready to try port knocking, so, the other suggestion 
I read over and over is to provide ssh on a non-standard port. So, I throw 
this out to the collective experience - what's your take on that strategy? 
Won't simple scans reveal the existence of ssh access on a non-standard port? 
Is this really much protection? Is it merely a question of reducing odds? 
-- 
Claude Jones
Bluemont, VA, USA


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux