[CentOS] Ideas for stopping ssh brute force attacks
David Dyer-Bennet
dd-b at dd-b.net
Wed Jul 23 14:21:10 UTC 2008
On Tue, July 22, 2008 16:45, Les Bell wrote:
> Moving sshd to a non-standard port is one of the worst examples of relying
> on security by obscurity. Its only advantage is that it cuts out some
> noise
> in the logs, but proper precautions do that as well, without lulling you
> into a false sense of security.
I think you've put your finger on a key point here -- what most people
really want here is a reduction in log noise.
I'd suggest the best way to achieve that is to not display SSH logon
failures :-). If you instead scan the *successes*, you're much more
likely to actually spot any problem that occurs.
--
David Dyer-Bennet, dd-b at dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
More information about the CentOS
mailing list