15 Feb
2006
15 Feb
'06
4:24 a.m.
On Monday 13 February 2006 7:19 pm, Will McDonald wrote:
- If you know absolutely where all SSH connections originate from drop
all other traffic on that port bar the know IP address/range
As long as you at least understand the basics of how and why you're doing these things, the more layers of security you add the better.
Great summary.
You might want to add: *Ban/block class A subnets you know you would never need SSH access from (usually foreign countries, etc) *Consider dedicating a spare machine to run as an SSH server/proxy.