On Tue, 2011-12-06 at 18:12 -0600, Les Mikesell wrote:
I'd expect it to be at least typical to firewall direct ssh access from the internet.
A Linux newcomer, untrained and a self-learner, I made an abrupt immersion into Linux on 1 June 2010. It was a steep learning-curve.
The first thing I did was to make a 20-odd character password for Root with lowercase, uppercase and digits (using my former address in Germany).
The next thing I did was to change the default SSH port number AND restrict access to 3 approved IP addresses only.
Anyone who leaves SSH on a default port open to any IP address is stupid.
Anyone not wanting to allow SSH access into their machine should consider:-
chkconfig --list|grep ssh chkconfig sshd off service sshd stop
Long, not easy to guess and totally beyond the reach of dictionary attacks, passwords for Root are absolutely essential. Security begins with a minimum password length of 12 characters for ALL users.
Rootkits are another essential.
There is a real war on. No sensible person lays down and lets the enemy walk all over them. Constant and widespread defence is vitally important. Every day I see evidence of many hacked computers all around the world. It persuades me to think many admins are simply incompetent - they seem to use Windoze.
A professional qualification in basic server security would be a useful attribute.