On Tue, Nov 28, 2017 at 11:04:14AM -0600, Valeri Galtsev wrote: > On Tue, November 28, 2017 9:21 am, Lamar Owen wrote: > > On 11/27/2017 02:02 PM, m.roth at 5-cent.us wrote: > >> Pete Biggs wrote: > >>> - don't run ssh on 22, use a different port. > >> I consider that pointless security-through-obscurity. > > Security through obscurity it may be, but it isn't pointless. Tarpits > are in a similar class; they don't help with security in the absolute > sense, but they slow the attacker down, and that might be enough to > prevent the attack from continuing. There's the old saying to the effect that if you're a gazelle being chased by a lion, you don't have to be the fastest in the herd, just faster than the one running next to you. ;) -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6