also sprach Jeff Coppock <jcoppock1@comcast.net> [2006.05.07.1836 +0200]: > I came up against the same issue some time ago and decided to move my sshd to > a non-standard port. This dramatically reduced the number of log entries, > and I see hardly any login attempts logged. I also updated my snort rules > with the new port. This works for me. I'm also considering setting up a > specific iptables rule to log the ssh hits separately, but there aren't > enough to bother with that so far. This can work in small-scale scenarios, but not in large-scale ones with a number of different clients. I do not want to go down this path; instead, I prefer to enforce a strong password policy. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system linux: because a pc is a terrible thing to waste
Attachment:
signature.asc
Description: Digital signature (GPG/PGP)