Mailinglist Archive: opensuse (1986 mails)
| < Previous | Next > |
Re: [opensuse] Results of moving ssh to a high port - Zero script kiddies in a 24 hour period.
- From: G T Smith <grahamsmith@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 28 Nov 2008 12:47:58 +0000
- Message-id: <492FE87E.2040408@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bob Williams wrote:
I am not sure this is a good idea. Just because you have moved the
default port to a different value does *not* mean you should disable
authentication. A more sophisticated scan is quite likely to identify
that the port is open for ssh and taking security of it is not very safe
(particularly if open to the outside world). All this does is protect
against 'dumb' scripts causing server load issues, once the port has
been identified as being used for ssh it will become open to attack again.
- --
==============================================================================
I have always wished that my computer would be as easy to use as my
telephone.
My wish has come true. I no longer know how to use my telephone.
Bjarne Stroustrup
==============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iEYEARECAAYFAkkv6H4ACgkQasN0sSnLmgIBnACg6SWze7+5+QbDFX+gYdmzGs1i
h+wAoO6NlDrwqLcvsPZEilD3c/3xha7p
=kha3
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hash: SHA1
Bob Williams wrote:
On Thursday 27 November 2008 15:03:29 David C. Rankin wrote:
James Knott wrote:
To turn off password checking, which of the following do I need to modify
in sshd.config?
I am not sure this is a good idea. Just because you have moved the
default port to a different value does *not* mean you should disable
authentication. A more sophisticated scan is quite likely to identify
that the port is open for ssh and taking security of it is not very safe
(particularly if open to the outside world). All this does is protect
against 'dumb' scripts causing server load issues, once the port has
been identified as being used for ssh it will become open to attack again.
- --
==============================================================================
I have always wished that my computer would be as easy to use as my
telephone.
My wish has come true. I no longer know how to use my telephone.
Bjarne Stroustrup
==============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iEYEARECAAYFAkkv6H4ACgkQasN0sSnLmgIBnACg6SWze7+5+QbDFX+gYdmzGs1i
h+wAoO6NlDrwqLcvsPZEilD3c/3xha7p
=kha3
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |