From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Fy3lj-0008Hc-2n for garchives@archives.gentoo.org; Wed, 05 Jul 2006 09:34:03 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k659VX1u008103; Wed, 5 Jul 2006 09:31:33 GMT Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.191]) by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k659NkCu016319 for ; Wed, 5 Jul 2006 09:23:47 GMT Received: by nf-out-0910.google.com with SMTP id l23so390802nfc for ; Wed, 05 Jul 2006 02:23:46 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=JwyLIjdnbv52irH+cdYG2ks0mRdw4EYc5T+VgSAIdfazqV2MIa5AItP+rVFHMRHI0YIvjp3lMwfQiLy4blEXFWOhMGi7Jf3KJTLKljOu1sDD/j/roJBiZsuCj07nVTaTbEjICWk6rfWVPL28rhrGpEWV1lkHOLeQMvSuU0fmmqM= Received: by 10.78.178.5 with SMTP id a5mr1850246huf; Wed, 05 Jul 2006 02:23:46 -0700 (PDT) Received: by 10.78.118.17 with HTTP; Wed, 5 Jul 2006 02:23:46 -0700 (PDT) Message-ID: <9b1675090607050223p2b5089bdx7f0abdc5dcaf28ac@mail.gmail.com> Date: Wed, 5 Jul 2006 03:23:46 -0600 From: "Trenton Adams" To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Protecting my server against an individual In-Reply-To: <44AB6C6A.9040008@mid.message-center.info> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <49bf44f10607041556w3db1b64et625c088ba8c56541@mail.gmail.com> <44AB1C8E.4090903@gmail.com> <44AB6C6A.9040008@mid.message-center.info> X-Archives-Salt: cc3cf314-74d0-49ec-8dbc-2f15ffedb524 X-Archives-Hash: 724f0c9813983fff302d29aa8d3ce203 I would move ssh to a very high port number of your choice. Most ssh port scanners do not bother checking anything other than port 22, as it is too time consuming. I have not had any weird hits on my ssh port in years. It was hammered daily, even with attempted logins and such, with it running on port 22. Now, pretty much nothing. Why not use something like 65350 or some random high port like that? And yes, you probably shouldn't be asking these questions if you have an important linux computer on the internet. Because if it is important, you should know what you are doing before you put it on the internet. If on the other hand, you're just getting to know linux, and the computer is not all that important, then you should be asking these questions. On 7/5/06, Alexander Skwar wrote: > Ryan Tandy wrote: > > > you're running a firewall of some kind (and you'd be crazy not to for > > any publically accessible box), > > Actually, I'd disagree. If only the necessary publicly accessible services > are running on a box, what good should a "firewal" (I suppose you mean > packet filter, like iptables) do? The only useful measure I can think about, > is to do rate limiting. But what else? > > Alexander Skwar > -- > The more laws and order are made prominent, the more thieves and > robbers there will be. > -- Lao Tsu > -- > gentoo-user@gentoo.org mailing list > > -- gentoo-user@gentoo.org mailing list