Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] server installation best practices/ worksheet



Godwin Stewart wrote:
I run several servers open to the public. All of them have had sshd
listening to a non-standard port ever since I started adminning them,
and that was 3 or 4 years ago. I have yet to see a single attack on
sshd on that non-standard port. So, while nmap can indeed make a good
guess at what service is running on a given port, I see no evidence of
attackers actually using that feature. Maybe it'll come later, I don't
know, but for the time being I have no reason whatoever to run sshd on
port 22 on any of my boxen.



I do that too, I'm the only one who should be attaching to my machine. It certainly keeps your logs a lot cleaner and easy to read.

I also have this in my /etc/hosts.deny
ALL: .tw, .cn, .hk, .kr, .pk, .th


Brett







Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links