Robert Spangler wrote on Tue, 25 Mar 2008 20:33:02 -0400: > Is an option but a waste of time as a scanner will find the port it was moved > to. It's not a waste. Port scanning takes time, so, in general, those brute-force bots just try port 22. Only if someone really wants to hack you and especially you they will go any further. I changed the port on one of my machines because I had to provide SSH access from other nets as well. I have to admit I also reduced accessibility to a few hundredthousand IP numbers from two big providers. Since then (years ago) I haven't seen any brute-force attacks. > The idea of only allowing for strict ip address is good but what if you are on > the move? If you have a static IP address, this is not a problem. You VPN into your home LAN and from there to the restricted machine. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com