On Fri, Dec 28, 2007 at 12:19:44PM -0800, Brian wrote:
> Chad Perrin wrote:
> >On Tue, Dec 18, 2007 at 05:44:11AM -0500, Gerard Seibert wrote:
> >
> >>>On December 18, 2007 at 12:47AM sham khalil wrote:
> >>>
> >>>once you open port 22 to public ip, you'll get people try to bruteforce
> >>>your machine.
> >>>if you don't want that set sshd to listen to a higher number like 5522
> >>>then forward port 5522 from the router to the internal machines.
> >>>
> >>>unfortunately for wrt54g, you can't forward port 5522 to 22 for internal
> >>>machine.
> >>>
> >>Security through obscurity is a poor substitute for security. Port
> >>scanners will eventually find that port also.
> >>
> >
> >One needs something else for security against brute-force attempts, but
> >changing the port number does help cut down on the amount of bandwidth
> >consumption on the LAN side of your router by allowing the router to
> >ignore/deny all incoming traffic on port 22.
> >
> Has denyhosts been considered?

It has been considered (and used) by me -- but I have no idea about the OP.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Larry Wall: "A script is what you give the actors. A program is what you
give the audience."
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
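
The "something else" for brute-force attempts that the thread points to, log-driven blocking in the style of tools such as denyhosts, sketched as an added example (not code from the thread or from the DenyHosts project). The log lines, the threshold of 3, and the function names are constructed for illustration, and the output assumes an sshd built with TCP wrappers support so that hosts.deny entries apply.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Constructed sample lines in the usual sshd syslog shape (not from the thread).
SAMPLE_LOG = """\
Dec 28 12:01:01 host sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
Dec 28 12:01:03 host sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40113 ssh2
Dec 28 12:01:05 host sshd[811]: Failed password for invalid user test from 203.0.113.5 port 40114 ssh2
Dec 28 12:02:10 host sshd[902]: Failed password for chad from 192.0.2.10 port 51500 ssh2
Dec 28 12:02:15 host sshd[902]: Accepted password for chad from 192.0.2.10 port 51501 ssh2
Dec 28 12:03:00 host sshd[950]: Failed password for invalid user x from 192.0.2.10 from 198.51.100.7 port 40200 ssh2
"""

# The user name field is supplied by the remote side, so the address is taken
# only from the fixed tail of the message, anchored at the end of the line.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")


def failed_counts(log_text):
    """Count failed password attempts per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            counts[str(ip_address(m.group(1)))] += 1
        except ValueError:
            continue  # not a literal address; skip rather than guess
    return counts


def deny_lines(log_text, threshold=3, allow=()):
    """Return hosts.deny-style lines for addresses at or above the threshold."""
    counts = failed_counts(log_text)
    return [f"sshd: {addr}" for addr, n in sorted(counts.items())
            if n >= threshold and addr not in allow]


if __name__ == "__main__":
    print("\n".join(deny_lines(SAMPLE_LOG)))
```

The `allow` parameter keeps known-good addresses (for example your own admin host) out of the deny list even after a run of mistyped passwords.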