[snip] > No advantage, if you can use your whitelist by all means do so. I can't > easily whitelist (users traveling, connecting where they can), so > instead I use iptables and denyhosts to dynamically blacklist. If you > have to leave ssh open and on the standard port the dynamic blacklisting > is very effective. yip - use denyhosts from extras. i set the password attempts to 3 and the ssh attacks just get handled. The information contained in this Internet Email message is intended for the addressee only and may contain privileged information, but not necessarily the official views or opinions of Intelligroup New Zealand Limited. If you are not the intended recipient you must not use, disclose, copy or distribute this message or the information in it. If you have received this message in error, please email or telephone the sender immediately.
<<winmail.dat>>
