On Wed, 2004-10-27 at 06:54, Jim Higson wrote:
> > Good points James...you missed one though... port 22. I see more attempts
> > on SSH than any other port....stupid and LAME attempts but more on this
> > than any other...
>
> Out of curiosity, how much does it really matter so long as you have strong
> passwords?
>
> If security holes are discovered in ssh, then sure, someone who knows what
> they're doing might be able to gain access. But then someone qualified enough
> to find new holes in ssh won't be targeting my desktop box, or the http
> server for a small business.
>
> In general isn't ssh pretty secure, and aren't security fixes normally issued
> before the script kiddies get hold of an exploit?

Brute force login attempts against ssh can work if given enough time just like any other access that uses simple password protection. It just may take a really long time to get to the right combination of letters, numbers, and special characters (assuming you have a non-trivial password that is not dictionary based).

And it is best practice to limit ssh to only those accounts that need to use it and block direct root access. This limits the user ids that will work and makes it just a little more difficult.

Like others have said in this thread, you are managing risk, some may feel comfortable with a higher level of risk than others. But as long as you make your system just a little more difficult to access than the next one more than likely the hackers will move on to the system that is easier to hack.

Of course most security breaches in companies are from inside not external. And those that are external normally are of the social engineering type instead of some clever hack over the Internet.

--
Scot L. Harris
webid@xxxxxxxxxx

The better part of valor is discretion.
-- William Shakespeare, "Henry IV"
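
An added example, not part of the original message: a small audit of sshd_config text for the two controls the reply recommends, blocking direct root login and restricting ssh to named accounts. The sample configuration and the function names are constructed for illustration, and the audit covers only the global section before any Match block.

```python
import re

# Constructed sample sshd_config text; not taken from any real host.
SAMPLE_CONFIG = """\
Port 22
permitrootlogin no
PermitRootLogin yes
AllowUsers alice
AllowUsers bob@192.0.2.*
Match User backup
    PermitRootLogin yes
"""

def parse_global(text):
    """Collect {keyword: [argument lists]} from the section before any Match block."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":              # simplification: audit global settings only
            break
        settings.setdefault(key, []).append(parts[1].split() if len(parts) > 1 else [])
    return settings

def audit(text):
    """Return (findings, allowed_users) for the two controls named in the message."""
    s = parse_global(text)
    findings = []
    # sshd uses the first value it sees for a single-valued keyword.
    first = s.get("permitrootlogin", [[]])[0]
    root = first[0].lower() if first else "(unset)"
    if root != "no":
        findings.append(f"direct root login not blocked: PermitRootLogin {root}")
    # AllowUsers / AllowGroups lines accumulate across the file.
    users = [u for args in s.get("allowusers", []) for u in args]
    groups = [g for args in s.get("allowgroups", []) for g in args]
    if not users and not groups:
        findings.append("no AllowUsers/AllowGroups list restricting which accounts may log in")
    return findings, users

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

The sample passes because the first PermitRootLogin line wins, so the later `yes` in the global section has no effect.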