On Tue, 2011-12-06 at 18:12 -0600, Les Mikesell wrote:
> I'd expect it to be at least typical to firewall direct ssh access
> from the internet.
A Linux newcomer, untrained and a self-learner, I made an abrupt
immersion into Linux on 1 June 2010. It was a steep learning-curve.
The first thing I did was to make a 20-odd character password for Root
with lowercase, uppercase and digits (using my former address in
Germany).
The next thing I did was to change the default SSH port number AND
restrict access to 3 approved IP addresses only.
Anyone who leaves SSH on a default port open to any IP address is
stupid.
Anyone not wanting to allow SSH access into their machine should
consider:-
chkconfig --list|grep ssh
chkconfig sshd off
service sshd stop
Long, not easy to guess and totally beyond the reach of dictionary
attacks, passwords for Root are absolutely essential. Security begins
with a minimum password length of 12 characters for ALL users.
Rootkits are another essential.
There is a real war on. No sensible person lays down and lets the enemy
walk all over them. Constant and widespread defence is vitally
important. Every day I see evidence of many hacked computers all around
the world. It persuades me to think many admins are simply incompetent -
they seem to use Windoze.
A professional qualification in basic server security would be a useful
attribute.
--
With best regards,
Paul.
England,
EU.