On Wed, 2015-02-04 at 14:08 -0500, Lamar Owen wrote:
> However, the reason you want a password that is not easily bruteforced
> has nothing to do with this, and all bruteforce attempts cannot be
> blocked by this method.
Thanks for your well-explained concerns. You make good sense.
Just counted the characters in one of my root passwords. It uses
uppercase, lowercase, symbols, numbers and is a mere 25 characters long.
Another one is, I think, about 32 characters long.
Plain FTP is banned. SSH is shifted away to an obscure port and
permitted only for 3 predetermined IP addresses. Web hackers are
automatically banned after the first attempt. Similar defences are
employed against spammers and mail hackers.
I restrict directory and file access to special users with no-logon
ability. I upgrade immediately a replacement is announced. I read my
chosen selection of logs and self-created reporting programmes from
every server.
IP Tables restricts in and out traffic as much as possible. DROP appears
everywhere.
I'm not paranoid about security but I do not intend to be a passive or a
willing victim of hacking etc. I would jail hackers for a minimum of 6
months.
--
Regards,
Paul.
England, EU. Je suis Charlie.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
