dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #33077
Re: interesting article on ssh port numbersh
Thanks Lars, for sharing the interesting article.
I also recommend that people use fail2ban <http://www.fail2ban.org>. It is
a simple tool that looks at logs to fend brute force
---
Regards,
Saptarshi PURKAYASTHA
On 28 September 2014 16:37, Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:
> Some interesting thoughts but i wouldn't buy his main argument (I've read
> it before). The last comment by 'Dicer; is important. Of course your sshd
> can be discovered (using nmap or the like) but it takes a little time.
> Time which is generally more profitably spent hunting down the next port 22
> listener.
>
> For the "annoying" -P problem of scp (and other progarms like rsync) which
> expect ssh on port 22, that's what ~/.ssh/config is for :-) See
> http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/
> for example.
>
> Having said that its really important to know that shifting the port is
> one of a number of measures, not a solution in itself - the more important
> being disabling root access and password authentication.
>
> Port knocking is clever .. used to do this on SA gov periphery firewalls.
> Haven't really bothered in recent times, but maybe something to consider in
> these turbulent times.
>
> Meanwhile i continue to shift my ssh port and encourage others to do the
> same :-)
>
> Cheers
> Bob
>
> On 28 September 2014 17:09, Lars Helge Øverland <larshelge@xxxxxxxxx>
> wrote:
>
>> "Why putting ssh on another port than 22 is a bad idea":
>>
>>
>> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/
>>
>> Lars
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~dhis2-devs
>> Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~dhis2-devs
>> More help : https://help.launchpad.net/ListHelp
>>
>>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help : https://help.launchpad.net/ListHelp
>
>
Follow ups
References