On Thu, 2005-02-10 at 09:57 -0700, Colin Anderson wrote:
> Thanks, everyone, for the excellent suggestions.
>
> For posterity and for future reference when this thread comes up again,
> summarizing the best way(s) to defend against SSH logon attempts:
>
> 1. Don't allow root thru SSH or Telnet, force logon as regular user and sudo
> 2. If you must run SSH or Telnet, run it on a non-obvious port > 1024

Actually, don't EVER run telnet. What protection do you think you would get if someone sniffed the traffic in the area? They would still get your passwords and the ports to use them on.

I have logged into a hacker's accounts from using a sniffed log file they left around. They knew how to hack in, but not secure themselves. I took over their ftp site and the yahoo account they coordinated some of the attacks from since the username and passwords were the same as the ftp account. That's why you are always told to use different passwords. Nothing like having one account compromised and then all accounts fall immediately afterwards. Or being in a race to change your passwords before the attacker gets to those accounts to own them.

-- 
Steven Critchfield <[EMAIL PROTECTED]>
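
The two SSH measures in the quoted summary (no root logon, a port above 1024), written as a check over an OpenSSH `sshd_config`. This is an added example, not part of the original messages; the function name `audit_sshd_config` and both sample configurations are constructed for illustration, and `ListenAddress host:port` entries are not examined.

```python
import re

def audit_sshd_config(config_text):
    """Return findings for root logon and listening port in an sshd_config."""
    findings, ports, root, in_match = [], [], None, False
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Tolerate "Keyword value" as well as "Keyword=value".
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(\S+)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)  # keywords are case-insensitive
        if key == "match":
            in_match = True  # later settings apply only conditionally
        elif key == "port" and value.isdigit():
            ports.append(int(value))  # Port may be given more than once
        elif key == "permitrootlogin":
            if in_match:
                if value.lower() != "no":
                    findings.append(f"line {lineno}: Match block sets PermitRootLogin {value}")
            elif root is None:
                root = value  # sshd keeps the first value it reads
    if root is None:
        findings.append("PermitRootLogin is not set explicitly; set it to 'no'")
    elif root.lower() != "no":
        findings.append(f"PermitRootLogin is '{root}'; root can log in over SSH")
    for port in ports or [22]:  # no Port line means the default, 22
        if port == 22:
            findings.append("sshd listens on the default port 22")
        elif port <= 1024:
            findings.append(f"port {port} is not above 1024")
    return findings

# Constructed sample: the later "no" is ignored because the first value wins.
WEAK = """
Port 22
PermitRootLogin yes
PermitRootLogin no
"""

# Constructed sample that satisfies both measures.
HARDENED = """
Port 48222
permitrootlogin no
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_sshd_config(text) or "no findings")
```
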
