David Fetter wrote:
We should move to a port-knocking
<http://dotancohen.com/howto/portknocking.html> or other modern
strategy if we're going to move at all.
Yeah, but telling my firewall to move port 22 inside to port xxxx
outside took less time than writing this email. Inside the firewall
plain old ssh continues to work fine and I don't have to deal with
issues of forwarding additional ports through the firewall, mucking with
iptables rules, etc.
For my servers, moving outside access to a non-standard port has proven
100% effective for over a year so additional complexity hasn't been
warranted.
Cheers,
Steve
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
