Re: Need for new openSUSE users



On 2008-09-11 11:19, houghi wrote:
bb wrote:
But the thing that protect me most is the change of sshd_config:
PasswordAuthentication no

Please understand that what I proposed is NOT protection. It is to keep
logfiles cleaner. It won't protect you from anything.

I would sugesting that for ssh you start whitelisting, instead of
blacklisting. Also the countries you named are for this type just as
avarage as any other country.

These are attacks by sombies, not by dedicated machines. They can be
anywhere in the world.

For ssh security (and network security in general) you need other tools,
because this isn't about security.

Perhaps it is better to start a new thread about that.

houghi

ahhh, I did not read careful (again) :-)

ok, I can't use whitelisting since I have friends that use my machine
as tunnel and they move around a bit, but you are right, that should be best.

/bb
.