|Main Archive Page > Month Archives > fedora-users archives|
On Sun, 2011-10-23 at 12:12 +0200, Reindl Harald wrote:
> put sshd on port 10022 and all is well
> this has the additional benefit to get rid of the most
> idiots trying password-attacks all day long
Though it won't stop the more determined ones. Like those who scan for
all open ports, and then look at what responses they get to determine
what sort of server is listening.
If you have a (potentially) vulnerable server exposed, using something
like fail2ban (if I remembered the name correctly) can be a good idea.
It allows a limited number of attempts from an IP, then temporarily
blacklists that IP. A hacker would have to have tremendous luck to
guess a password in only two attempts, for instance.
-- [tim@localhost ~]$ uname -r 220.127.116.11-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list firstname.lastname@example.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines