On Sun, 2011-10-23 at 12:12 +0200, Reindl Harald wrote: > put sshd on port 10022 and all is well > > this has the additional benefit to get rid of the most > idiots trying password-attacks all day long Though it won't stop the more determined ones. Like those who scan for all open ports, and then look at what responses they get to determine what sort of server is listening. If you have a (potentially) vulnerable server exposed, using something like fail2ban (if I remembered the name correctly) can be a good idea. It allows a limited number of attempts from an IP, then temporarily blacklists that IP. A hacker would have to have tremendous luck to guess a password in only two attempts, for instance. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
