D&C GLug - Home Page


Re: [LUG] Securing SSH

 

On Mon, 2005-10-03 at 16:44 +0100, Thomas Arrow wrote:
> >
> >Move the port that ssh listens on to another, e.g. 222; that way only you
> >will know the port and you can still access it from anywhere.
> I'm probably wrong but then couldn't someone run nmap on you and then try
> all open ports?
> 
No, you are right. Although moving the port may stop the automated-type
attacks, if someone manually connects to the port (after port scanning)
then they will probably see that it is ssh.

I would much rather restrict who can get in (using TCP wrappers in this
case or IPtables as was also suggested), and limit the damage if they do
(rootkit checkers/tripwire?), than try and hide what I want to do (which
is simply login using ssh on its standard port).


John.

-- 
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John.Horne@xxxxxxxxxxxxxx       Fax: +44 (0)1752 233839
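
The point made in the reply above (a moved port still announces itself to anyone who connects), as an added example that is not part of the original message: an SSH server sends its identification string (RFC 4253, section 4.2) as soon as the TCP connection opens, whatever port it listens on. The stand-in listener, its banner text and the function names are constructed for this example, and it runs on loopback only.

```python
import socket
import threading

# Constructed identification string; a real server sends its own software version.
SAMPLE_BANNER = b"SSH-2.0-ExampleServer_1.0\r\n"


def serve_banner_once(listener, banner=SAMPLE_BANNER):
    """Stand-in for sshd: accept one connection and send the identification string."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(banner)


def read_banner(host, port, timeout=2.0):
    """Connect and return the first line the server sends; the client sends nothing."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        data = b""
        while not data.endswith(b"\n") and len(data) < 255:  # RFC 4253 caps it at 255
            chunk = sock.recv(255 - len(data))
            if not chunk:
                break
            data += chunk
    return data.decode("ascii", errors="replace").strip()


def is_ssh_banner(line):
    """RFC 4253 section 4.2: the string has the form SSH-protoversion-softwareversion."""
    parts = line.split("-", 2)
    return len(parts) == 3 and parts[0] == "SSH" and parts[1] in ("1.5", "1.99", "2.0")


def demo():
    """Run the stand-in on an OS-chosen loopback port and read what it announces."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.settimeout(5)           # do not block forever if nothing connects
    listener.bind(("127.0.0.1", 0))  # port 0: any free port, i.e. not 22
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve_banner_once, args=(listener,))
    worker.start()
    try:
        banner = read_banner("127.0.0.1", port)
    finally:
        worker.join()
        listener.close()
    return port, banner, is_ssh_banner(banner)


if __name__ == "__main__":
    print(demo())
```

Pointing `read_banner` at your own server's relocated port shows what it discloses before any authentication takes place, which is why the access restrictions the reply prefers matter more than the port number.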


--
The Mailing List for the Devon & Cornwall LUG