On 28/11/17 06:02, m.roth@xxxxxxxxx wrote:
Pete Biggs wrote:
On Mon, 2017-11-27 at 12:10 -0500, Jerry Geis wrote:
- don't run ssh on 22, use a different port. (Things get a lot
quieter when you do that, but it comes with it's own problems and don't
get complacent because someone will find the port eventually.)
I consider that pointless security-through-obscurity.
I actually have SSH running on port 22 - however, I stipulate a
different port in a PREROUTING/DNAT rule for external access for those
hotels that block VPN access (yes, there are still some out there).
Internal users need not change their habits. In addition, this helps
keep my logs clean...
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
