Re: [opensuse] Results of moving ssh to a high port - Zero script kiddies in a 24 hour period.
- From: Mads Martin Joergensen <mmj@xxxxxx>
- Date: Thu, 27 Nov 2008 12:15:09 +0100
* David C. Rankin <drankinatty@xxxxxxxxxxxxxxxxxx> [Nov 27. 2008 08:30]:
16:36 nirvana~/linux/boxes/bonza/log> wc -l < 20081121.log
5353
After the change:
16:37 nirvana~/linux/boxes/bonza/log> wc -l < 20081125.log
294
Less than 300 entries in the logs in _total_ for an entire 24 hour period. If
you have similar issues, and your real user needs can be accommodated on a high
port, I highly recommend it.
Another approach is one I use after I found it on the DragonFlyBSD list.
Have an entry to send everything from the auth log into a seperate
program scanning for invalid user logins. If one such is
found--blacklist it. After a while it stops and you don't have to inform
all users about port number change.
--
Mads Martin Joergensen, http://mmj.dk
"Why make things difficult, when it is possible to make them cryptic
and totally illogical, with just a little bit more effort?"
-- A. P. J.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
- References:
- Prev by Date: Re: [opensuse] 11.0 - openSuSE Updater Fails (Repeatedly) on Tonights Updates
- Next by Date: [opensuse] OpenSUSE 11.0: Dell Latitude E4300
- Previous by thread: [opensuse] Results of moving ssh to a high port - Zero script kiddies in a 24 hour period.
- Next by thread: Re: [opensuse] Results of moving ssh to a high port - Zero script kiddies in a 24 hour period.
- Index(es):
Relevant Pages
|
