Re: Securing SSH --> Change ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/02/2014 09:11 PM, Manuel Wolfshant wrote:
> Incidentally I am a fan of using iptables (recent match) to limit
> the number of admissible attempts from any given IP to connect to
> sshd ( yes, I know, it has nothing to do with the initial concern
> you raised )

FWIW, I think this is an equally fair approach, in that e.g. a dozen
attempts makes sense to block against -- if a user has 12 failed
attempts, they are misremembering their password and need to do a
recovery via another sysadmin.

Honestly probably a better approach than STO via changing to
unassigned privileged port.

- -- 
Karsten 'quaid' Wade        .^\          CentOS Doer of Stuff
http://TheOpenSourceWay.org    \  http://community.redhat.com
@quaid (identi.ca/twitter/IRC)  \v'             gpg: AD0E0C41
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlQuOOoACgkQ2ZIOBq0ODEHWCACghGkJwVXG0Ke4yrs7nRF87BGF
X78AoJVdrzjm72+pyncl5GYe/CHkcPvc
=/F20
-----END PGP SIGNATURE-----
_______________________________________________
CentOS-docs mailing list
CentOS-docs@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos-docs




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Users]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

  Powered by Linux