On Sun, Jul 22, 2007 23:45:38 PM -0600, Stephen John Smoogen (smooge at gmail.com) wrote: > >> >- set up only ssh2 on a non standard port > > > >I agree, but I have noticed in the past, and read in several places, > >that it's not security through obscurity: its main usefulness would > >not as much extra security as saving a bit of bandwidth and server > >load from automated attacks with off the shelf scripts. > > > > denyhosts or fail2ban also can help that. OK, I'll study their documentation and come back if I have specific questions on these tools. Related tips, tricks and comments are very welcome anyway, of course. > >> Not knowing iptables and relying on a script usually ends up with > >> lots of email to some firewall list about why I cant talk to my > >> remote server anymore. > > > >Of course, I wouldn't run such a script, or any new tool suggested in > >this discussion, before being sure to understand what each line and > >option does. > > > >Any further feedback is welcome! > > > > Will try to send some iptables stuff later this week. I really appreciate that! Thanks Steven! Marco -- Help *everybody* love Free Standards and Free Software! http://digifreedom.net