Re: Security basics

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Patrick and all!

Someday, Lord willing, I would like to set up a lot of standard ports
to go to a "honey pot - virtual area" on my systems.  I would love to
be able to let the attacker do his thing in a safe environment which
allows me to gather all the information about him and his ways that I
can.

Then, I would love to be able to automatically report all of this good
information to the security community almost as fast as it occurs.
The thought of some agents knocking on the attacker's door as he
continues an attack makes me smile.

To a great future fellows!

Tod

On 10/3/07, Patrick <flymooney@xxxxxxxxx> wrote:
> Steve Siegfried wrote:
>
> > Changing ports for ssh isn't actually that hot of an idea.  Most port scanners
> > can detect ssh implementations since they normally self-identify.  For example,
> > if you're running ssh on the normal port (22), try executing:
> >       /usr/bin/telnet YOUR.HOST.IP.ADDR 22
> > and see what pops out.
> >
> > Hope this helps'idly,
> >
> > -S
>
>   Changing SSH ports on my server yielded a 100% drop (yes...100%) in
> routine script attacks. I still have the usual people checking for
> phpMyAdmin stuff as well as the others, but nothing comes through on SSH
> now. And yes, when I did it I heard the whole "security through
> obscurity is not security" BS but the results cannot be argued with. In
> summation, CHANGE YOUR SSH PORT. It will work and cut down if not
> eliminate the script kiddies. Then when someone really starts knocking
> on your SSH door, it will not be lost in all of the "noise" from the
> scripters.
>
> Patrick
>
>
> --
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux