| 1 |
On Jan 12, 2012 8:07 PM, "Alan McKinnon" <alan.mckinnon@×××××.com> wrote: |
| 2 |
> |
| 3 |
|
| 4 |
----, >8 snip |
| 5 |
|
| 6 |
> |
| 7 |
> Changing the ssh port (and even crypto keys on DVDs) is just a |
| 8 |
> brain-dead approach, we agree on that. We rightfully rip a new one to |
| 9 |
> people advocating doing this. |
| 10 |
> |
| 11 |
|
| 12 |
Well, I *always* change my sshd ports, not for added security, but because |
| 13 |
I'm tired of seeing failed login attempts from China. The daily log became |
| 14 |
*much* shorter after I moved the port somewhere else. |
| 15 |
|
| 16 |
Plus, thanks to the wonders of iptables and ipset, anyone attempting to |
| 17 |
connect to port 22 will now gets blocked completely. |
| 18 |
|
| 19 |
Rgds, |
Archives