fedora-users October 2011 archive
Main Archive Page > Month Archives  > fedora-users archives
fedora-users: Re: Unable to ssh nodes with global IP

Re: Unable to ssh nodes with global IP

From: Tim <ignored_mailbox_at_nospam>
Date: Mon Oct 24 2011 - 16:12:35 GMT
To: Community support for Fedora users <users@lists.fedoraproject.org>

On Sun, 2011-10-23 at 12:12 +0200, Reindl Harald wrote:
> put sshd on port 10022 and all is well
>
> this has the additional benefit to get rid of the most
> idiots trying password-attacks all day long

Though it won't stop the more determined ones. Like those who scan for
all open ports, and then look at what responses they get to determine
what sort of server is listening.

If you have a (potentially) vulnerable server exposed, using something
like fail2ban (if I remembered the name correctly) can be a good idea.
It allows a limited number of attempts from an IP, then temporarily
blacklists that IP. A hacker would have to have tremendous luck to
guess a password in only two attempts, for instance.

-- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines