Mailinglist Archive: opensuse (1570 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Sat, 3 Oct 2009 18:44:44 +0200 (CEST)
  • Message-id: <alpine.LSU.2.00.0910031843230.12109@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On Saturday, 2009-10-03 at 17:16 +0200, Per Jessen wrote:

I was thinking more along the lines of moving my sshd to a less known
port. I access it in a controlled fashion. So, having it on a
standard port is not (I think) a requirement for me. Then, our NAT
could simply drop the sshd port accesses on the well-known port.

Yes, that approach actually works very well.


I've just remembered the only drawback - using rsync, scp and others who
use ssh under the covers does become a little tiresome, but I think
both rsync and scp have environment variables that'll set a usable
default so you don't have to specify the new port all the time.

I think you can modify the ssh lines in /etc/services, and those apps might take the new port from there. But you have to change that in the client machines, of course.

- -- Cheers,
Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkrHf4wACgkQtTMYHG2NR9XAuACeMAP3fQ4lVX2bHTMdxcBLVxRe
E0UAnAg2hhSTK6OTQtcCpUsIoCgTceAi
=NWsS
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups