[CentOS] Security checklist for new Centos server?
Kenneth Porter
shiva at sewingwitch.com
Tue Jul 24 23:18:33 UTC 2007
--On Saturday, July 21, 2007 9:22 AM +0200 "M. Fioretti"
<mfioretti at mclink.it> wrote:
>> > - set up only ssh2 on a non standard port
>>
>> Depending on the environment, I have found that this is not a useful
>> tool. The problems I have encountered is that it just turns off some
>> of the attacks.
>
> I agree, but I have noticed in the past, and read in several places,
> that it's not security through obscurity: its main usefulness would
> not as much extra security as saving a bit of bandwidth and server
> load from automated attacks with off the shelf scripts.
There's some automated attack that fills one's logs with noise, and it's
useful to move ssh to a non-standard port simply to quiet the logs, so that
"real" attacks will stand out. For port 22, one can either use iptables to
drop the connection attempts, or use tcpwrappers and set up a dummy script
or even a honeypot to trap the script kiddies.
More information about the CentOS
mailing list