Re: Iptables questions





thus Eero Volotinen spake:
>>>> I have a server sitting right on the net and the constant barrage of 100s
>>>> of IPs trying thousands of times at port 22 is insane.
>>> You're quite sane. Anyone likely to hit your ssh at its new port is likely
>>> to try port 22 first. So if they show up there first, blocking them is good
>>> - unless you have legitimate users who may forget to go to your special port
>>> and so get locked out after trying the default port first.
>> There's also port knocking...
> 
> how about enabling ssh login only with public keys ?

What about using a different port, if narrowing down the networks/hosts
*allowed* to connect to the machine is not an option, as it seems?

Timo

> --
> Eero,
> RHCE
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

