Re: Running ssh on unreserved ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2/19/11 8:45 AM, Rick Sewill wrote:
> On Saturday, February 19, 2011 04:28:11 am Anne Wilson wrote:
>> On Saturday 19 February 2011 10:20:30 Tim wrote:
>>> On Fri, 2011-02-18 at 16:07 -0500, Alex wrote:
>>>> I'd like to move it to a higher port to avoid the normal doorknob
>>>> rattling that occurs with ssh running on a public server.
>>> Even with it on a different port, you'd probably want to implement some
>>> firewalling that auto-bans an IP after few failed attempts.  That stops
>>> them from continually trying to get through.
>>>
>>> I think there was a package called fail2ban, or something similar, that
>>> did that automatically.
>> Fail2ban is easy to set up, and I've seen it stop attempts here.
>>
>> Anne
> The one time I suffered a rootkit on Linux was when someone
> used a bug in ssh to get into my system.  Fortunately, for me,
> I discovered the rootkit within hours of it happening and reloaded.
>
> I am paranoid about ssh and welcome suggestions that increase my ssh
> security configuration, in particular, and overall security, in general.
Sounds like you have a good security policy.  Scan often is one thing 
that it appears you do as you caught the compromise of your system quickly.

No system on the Internet is totally secure, and you applied that policy 
well.

James McKenzie
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux