On Thu, 21 Aug 2008 13:03:09 -0700
Jeremy Chadwick <[EMAIL PROTECTED]> wrote:
> A different approach: consider putting sshd on a different port, rather
> than the default of 22. A lot of people I know do this, solely to
> decrease the number of brute-force attempts you see above; I've never
> seen any of those brute-force attacking programs portscan, then attack
> against a port which returns a OpenSSH string.
+1 - obscurity definitely doesn't ADD to security , but it removes all the
noise from your system.
Alternatively, you try port knocking ;)
> Finally, consider moving to pf instead, if you really feel ipfw is
> what's causing your machine to crash. You might be pleasantly surprised
> by the syntax, and overall administrative usability (it is significantly
> superior to ipfw, IMHO).
+1
_________________________
{Beto|Norberto|Numard} Meijome
If Bill Gates had a dollar for every time a Windows box crashed...
.. Oh, wait a minute, he already does.
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
