On Tuesday 05 April 2011 11:27:49 Rudi Ahlers wrote: > On Tue, Apr 5, 2011 at 10:17 AM, John Hodrien <J.H.Hodrien@xxxxxxxxxxx> wrote: > > On Tue, 5 Apr 2011, rrichard@xxxxxxxxxx wrote: > >> 1) Move sshd to another > >> port, one higher than 5000 > > > > I'd have mixed feelings about the Wisdom of running on a non-reserved > > port. > > Why, > > We've been running SSH on hundreds of servers on a port higher than > 5000 for year now and no problems at all. I'm also running ssh on non standard port for more then 7 years and this is on a couple of thousend servers. Its not a problem if you simply add 'Port XXX' to your ~/.ssh/config . However, the traffic to ssh has reduced with only 40%. In the begining it was very good, we were surprised, how almost all failed attempts dissapeared. But in the following months that number increased and reached 60-65% of the original number. Introducing a Hawk helped us a lot. Tools like Hawk and fail2ban are quite useful, actually only thinks like that have good impact on the bruteforce attempts. Regards, Marian Marinov
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
