[CentOS] Unknown rootkit causes compromised servers
Johnny Hughes
johnny at centos.org
Tue Jan 29 13:30:11 UTC 2008
Chris Mauritz wrote:
> Alfredo Perez wrote:
>> I will add to that list, change ssh port 22 to somthing else
>>
>
> Why? Most of the script kiddies now check all the higher ports for ssh
> too. Moving ssh's port around solves nothing.
Actually, I have to disagree.
SOME of the script kiddies check higher ports for SSH *_BUT_* I only see
4% of the brute force attempts to login on ports other than 22.
I would say that dropping brute force login attempts by 96% is quite a
good reason to move the SSH port from 22 to something else.
It is certainly not the only thing you need to do, but it is nonetheless
a good thing to do.
Thanks,
Johnny Hughes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080129/b8f2b37f/attachment.sig>
More information about the CentOS
mailing list