1 |
On Jan 12, 2012 8:07 PM, "Alan McKinnon" <alan.mckinnon@×××××.com> wrote: |
2 |
> |
3 |
|
4 |
----, >8 snip |
5 |
|
6 |
> |
7 |
> Changing the ssh port (and even crypto keys on DVDs) is just a |
8 |
> brain-dead approach, we agree on that. We rightfully rip a new one to |
9 |
> people advocating doing this. |
10 |
> |
11 |
|
12 |
Well, I *always* change my sshd ports, not for added security, but because |
13 |
I'm tired of seeing failed login attempts from China. The daily log became |
14 |
*much* shorter after I moved the port somewhere else. |
15 |
|
16 |
Plus, thanks to the wonders of iptables and ipset, anyone attempting to |
17 |
connect to port 22 will now gets blocked completely. |
18 |
|
19 |
Rgds, |