Mailing List CGatePro@mail.stalker.com Message #92456
From: Lyle Giese <lyle@lcrcomputer.net>
Subject: Re: OT: dealing with SSH probes - was: Re: Case Study Request
Date: Tue, 04 Sep 2007 13:54:53 -0500
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
Change the port ssh is listening to.  You don't have to run ssh on the 'standard' port.  It will work on almost any unused port above 1024.

I did that along time ago to get away from the script kiddies pounding on it.  Also make sure you use and understand 'AllowGroups', that keeps the script kiddies from being able to exploit system accounts like root, nobody, postgres, postfix, etc.

Lyle

Stefan Seiz wrote:
On 04.09.2007 17:16 Uhr, Matthew Black <black@csulb.edu> wrote:

  
You should also be using the built-in Unix firewall
or TCP Wrappers and only listen to connections from
authorized clients, ignoring all others.
    
I do, but do not filter SSH as i need to access my boxes from whatever
network i am currently using (e.g. when travelling).

--
Stefan Seiz <http://www.stefanseiz.com>
Spamto: <bin@imd.net>




#############################################################
This message is sent to you because you are subscribed to
  the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
Send administrative queries to  <CGatePro-request@mail.stalker.com>
  

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster