On Monday 13 February 2006 7:19 pm, Will McDonald wrote: > * If you know absolutely where all SSH connections originate from drop > all other traffic on that port bar the know IP address/range > > As long as you at least understand the basics of how and why you're > doing these things, the more layers of security you add the better. Great summary. You might want to add: *Ban/block class A subnets you know you would never need SSH access from (usually foreign countries, etc) *Consider dedicating a spare machine to run as an SSH server/proxy.
ssh attack
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: ssh attack
- From: ryanag at zoominternet.net (ryan)
- Date: Wed Feb 15 03:20:37 2006
- In-reply-to: <1f8fae340602131619u747d9fc8y@xxxxxxxxxxxxxx>
- References: <43F10F13.3@xxxxxxxxxxxxxxxxx> <1f8fae340602131619u747d9fc8y@xxxxxxxxxxxxxx>
- References:
- ssh attack
- From: John Merritt
- ssh attack
- From: Will McDonald
- ssh attack
- Prev by Date: Question about updates again
- Next by Date: Upgrading to CentOS 4.2 from FC2?
- Previous by thread: ssh attack
- Next by thread: ssh attack
- Index(es):
 |