[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Mon, 2005-10-03 at 16:44 +0100, Thomas Arrow wrote: > > > >Move the port that ssh listens on to another, eg 222 that way only you > >will know the port and you can still access it from anywhere. > I'm probably wrong but then couldn't somone run nmap on you and the try > all open ports? > No, you are right. Although moving the port may stop the automated-type attacks, if someone manually connects to the port (after port scanning) then they will probably see that it is ssh. I would much rather restrict who can get in (using TCP wrappers in this case or IPtables as was also suggested), and limit the damage if they do (rootkit checkers/tripwire?), than try and hide what I want to do (which is simply login using ssh on its standard port). John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: John.Horne@xxxxxxxxxxxxxx Fax: +44 (0)1752 233839 -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html