ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Monday 13 February 2006 7:19 pm, Will McDonald wrote:
> * If you know absolutely where all SSH connections originate from drop
> all other traffic on that port bar the know IP address/range
>
> As long as you at least understand the basics of how and why you're
> doing these things, the more layers of security you add the better.

Great summary.

You might want to add:
*Ban/block class A subnets you know you would never need SSH access from 
(usually foreign countries, etc)
*Consider dedicating a spare machine to run as an SSH server/proxy.

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux