[CentOS] One approach to dealing with SSH brute force attacks.
    Patrick 
    flymooney at gmail.com
       
    Wed Jan 30 19:59:31 UTC 2008
    
    
  
Brian Mathis wrote:
> @James:
> As for the "security through obscurity" post, you are missing the
> point.  Changing the port number that SSH runs on is not "security
> through obscurity".  Moving an already highly secure service to a
> different port so scanners don't hit it automatically is a different
> thing.  This type of move is purely to reduce the amount of garbage in
> one's log file due to automated scans.  However, I do agree that there
> are probably better ways to handle the situation, such as using rate
> limiting.
Not to mention that if there is a lot less "garbage", it is much easier 
to catch
something trying to sneak in. So it does have an element of security to it.
Patrick
    
    
More information about the CentOS
mailing list