On Sun, Jul 22, 2007 23:45:38 PM -0600, Stephen John Smoogen (smooge@gmail.com) wrote:
- set up only ssh2 on a non standard port
I agree, but I have noticed in the past, and read in several places, that it's not security through obscurity: its main usefulness would not as much extra security as saving a bit of bandwidth and server load from automated attacks with off the shelf scripts.
denyhosts or fail2ban also can help that.
OK, I'll study their documentation and come back if I have specific questions on these tools. Related tips, tricks and comments are very welcome anyway, of course.
Not knowing iptables and relying on a script usually ends up with lots of email to some firewall list about why I cant talk to my remote server anymore.
Of course, I wouldn't run such a script, or any new tool suggested in this discussion, before being sure to understand what each line and option does.
Any further feedback is welcome!
Will try to send some iptables stuff later this week.
I really appreciate that! Thanks Steven!
Marco