|
|
Disable ssh access for password-guessing bots
I have to disagree. Security by obscurity is almost as bad as no security at all. A port scanner can see which ports are open, and then identify your alternative SSH port as SSH anyway. At that point, you're in the same danger as any other SSH user.
Disable ssh access for password-guessing bots
And I disagree with you. The bots I've seen attacking public ssh servers at random do _not_ scan all ports but just go for the easy route. Sure, if some hacker is dedicating all its time to crash just your machine, he's going for the port scan route for sure, but the poster here tries to get rid of the random and dumb attempts, which are the major and most common annoyonce for a public server.
Disable ssh access for password-guessing bots
Perhaps I read the original hint wrong, then. It didn't seem aimed at preventing the messages from appearing (which your suggestion would definitely help with), but the poster seemed to want to ban machines that try and fail too many times, which seems like a security issue.
Disable ssh access for password-guessing bots
I agree with both of you - changing the port WILL stop the constant bot scans - they only check port 22.
Disable ssh access for password-guessing bots
I don't think that IPFW lets you overload tables dynamically like PF. I'm willing (and hoping) to be proven wrong on this, though.
Disable ssh access for password-guessing bots
If you don't care about breaking compatibility, moving SSH to a different port will have two effects: 1) it will clear clutter from your logs and 2) ssh login attempts you see on another port are probably far more serious than port 22 scanning bots. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.14 seconds |
|