[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Neil Stone wrote: >> If you do open port 22 to the world make sure you have decent >> passwords, ie lots of letters, numbers upper and lower case and quite >> a few characters the more the better really. If you are going to >> connect in remotley then if it is just from a known location you can >> firewall to just allow that location to get in or if you only connect >> remotley from your machines eg a laptop etc you can pre exchange the >> RSA sigs and not rely on passwords at all. If you, like me, have the luxury of a single known remote IP address, then many firewall/routers have the option of only allowing that address in. > denyhosts anyone ? Good tool, as is fail2ban. I'd like to routinely ban subnets of anyone attempting to smtp relay or http url-attacks by script too. Am getting a lot of these lately, almost certainly from scripts/viruses/trojans. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html