[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 31/08/11 10:54, Gordon Henderson wrote:
On Wed, 31 Aug 2011, Anthony Williams wrote: Fail2ban is great but yes it doesn't prevent attacks like you said, it just searches logs with a regex and adds rules to iptables if x amount of matches are found for y. It doesn't protect against vulnerabilities but that's not its purpose. Its just a tool to prevent brute forcing. I get at least two-three Chinese hackers banned a day for trying to crack FTP accounts etc. @somewhere in thread: Changing port numbers doesn't make you more secure but it has had a drastic effect for me, decreasing the amount ten-fold. As someone said that's only due to the script kiddies moving on most likely. @somewhere else: Disabling root is a must. That's the first thing any attacker will try and get hold of. As for sudo vs su, at the end of the day they are pretty much the same no? I would imagine sudo only being useful when there's a lot of users on a system or server. sudo doesn't protect against "accidental commands", especially if you always use sudo -i like me. Gibbs |
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq