[ale] hack attempts
Jonathan Rickman
jrickman at gmail.com
Wed Feb 9 11:04:10 EST 2005
> Assuming one is already using a "REAL good password" moving ssh to a
> different port is an excellent next step and in no way qualifies being
> labeled "security through Obsecurity" (or even obscurity). It is a good
> best-practice for production environments with public facing servers
> that don't require well-known port access.
I'm a firm believer in adding a layer of obscurity whenever possible.
If nothing else, it helps to mitigate the zero day threat at least a
little. I also second Bob's suggestion of using commercial ssh over
OpenSSH. OpenSSH has a pretty poor security record when you consider
it's intended purpose. Another good suggestion was turning off ssh
altogether. It is by far, the most over-used service I have run
across. Folks seem to take for granted that it is secure and just turn
it on regardless of whether or not it is even needed. This is just
asking for trouble. I have rarely run across a linux box that doesn't
have it turned on.
--
Jonathan
More information about the Ale
mailing list