Re: SSH Blocking

To: debian-user@lists.debian.org
Subject: Re: SSH Blocking
From: Paul Johnson <baloo@ursine.ca>
Date: Mon, 25 Apr 2005 17:46:44 -0700
Message-id: <[🔎] 200504251746.44314.baloo@ursine.ca>
In-reply-to: <[🔎] 20050425145016.GB4120@sungate.co.uk>
References: <[🔎] 426D01F2.4000900@pressenter.com> <[🔎] 20050425145016.GB4120@sungate.co.uk>

On Monday April 25 2005 7:50 am, Dave Ewart wrote:

> Changing SSH port is 'really' more secure (obscurity and all that), 
> but it's an extra layer and, if nothing else, stops your logs 
> getting cluttered with all the failed logins ...  

Another thing you'll want to do is avoid the bloody obvious logins 
that the automated scans seem drawn towards.  Might be interesting to 
set up a honeypot that accepts any login with any password and see 
what it tries to do.  I'd do it, but don't have the resources to set 
up a honeypot, much less know how to set one up securely.

-- 
Paul Johnson
Email and Instant Messenger (Jabber): baloo@ursine.ca
http://ursine.ca/~baloo/

Attachment: pgpQM9ifOdkkF.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: SSH Blocking
  - From: Dave Ewart <davee@sungate.co.uk>

References:
- SSH Blocking
  - From: Nick Miller <nick@pressenter.com>
- Re: SSH Blocking
  - From: Dave Ewart <davee@sungate.co.uk>

Prev by Date: Re: login problems
Next by Date: Re: Loading a router using Linux
Previous by thread: Re: SSH Blocking
Next by thread: Re: SSH Blocking
Index(es):
- Date
- Thread