Mailinglist Archive: opensuse (1503 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Sat, 03 Oct 2009 17:16:09 +0200
  • Message-id: <ha7prp$vi6$1@xxxxxxxxxxxxxxxx>
Per Jessen wrote:

Roger Oberholtzer wrote:

On Sat, 2009-10-03 at 08:58 -0400, Cristian Rodríguez wrote:
On 03/10/09 09:00, Roger Oberholtzer wrote:

I am not sure how to proceed.

You can't actually proceed ;-) this is an issue with any network
service on planet earth, but you can protect yourself of being
cracked by only using public key authentication.

I was thinking more along the lines of moving my sshd to a less known
port. I access it in a controlled fashion. So, having it on a
standard port is not (I think) a requirement for me. Then, our NAT
could simply drop the sshd port accesses on the well-known port.

Yes, that approach actually works very well.


I've just remembered the only drawback - using rsync, scp and others who
use ssh under the covers does become a little tiresome, but I think
both rsync and scp have environment variables that'll set a usable
default so you don't have to specify the new port all the time.


/Per

--
Per Jessen, Zürich (12.3°C)

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >