> I didn't realize that these brute force attempts were so common. Had
> to go check and see if I was getting hit with such attempts. Indeed,
> I am. About 1500 failed attempts in the last month. As Jeremy says,
[...]
> I supposed using a non-standard port would keep your log files
> cleaner, but I don't know that it really makes you any more secure.
More secure? Not necessarily but, for comparison, in the last 30 days I
see exactly zero failed attempts against SSH on a box at home (with sshd
running on a high port). Obviously it would only take one attempt if
the attacker guessed the right username and password, but I certainly
have a lot less people "knocking on the door".
Somebody will chime in that running sshd on a high random port is
"security by obscurity", but I don't agree with that.
--
Jeremy L. Gaddis
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug
No comments:
Post a Comment