In the last episode (May 09), [EMAIL PROTECTED] said:
> I would suggest using ssh with RSA key pairs and passphrases only.
> Dont allow password based login or root login over ssh. Only allow
> root to login using the console and use sudo for all admin tasks.
> I have not tried this myself but you could use tcpwrappers and write
> a script to add the IP address from repeated failed messages to the
> hosts.deny file. There are various scripts already written to do
> this. A quick goggle search found this
> http://security.linux.com/article.pl?sid=05/09/15/1655234 (its about
> linux but I am sure the same approach applies to FreeBSD.)
Some more links on securing ssh from password attacks:
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"