Alex Zbyslaw wrote:
> Ed Stover wrote:
>
>> One of my personal favorite things to do is:
>> move ssh to port 1001
>>
>>
> Is there a reason behind choosing port 1001? <1024; not registered to
> anything else useful; reasonably memorable?
Well as long as you dont have a service allready running
Ed Stover wrote:
One of my personal favorite things to do is:
move ssh to port 1001
Is there a reason behind choosing port 1001? <1024; not registered to
anything else useful; reasonably memorable? Are there any other useful
criteria I've missed?
Thanks,
--Alex
_
Emanuel Strobl wrote:
> Am Mittwoch, 18. Mai 2005 22:56 schrieb Kirk Strauser:
>
>>On Tuesday 17 May 2005 09:36, Peter Kropholler wrote:
>>
>>>As things stand, ssh is designed so you can't get at people's
>>>passwords and I am leaving it alone. Focussing instead on the task of
>>>making sure my pa
Am Mittwoch, 18. Mai 2005 22:56 schrieb Kirk Strauser:
> On Tuesday 17 May 2005 09:36, Peter Kropholler wrote:
> > As things stand, ssh is designed so you can't get at people's
> > passwords and I am leaving it alone. Focussing instead on the task of
> > making sure my passwords are strong, limitin
On Tuesday 17 May 2005 09:36, Peter Kropholler wrote:
> As things stand, ssh is designed so you can't get at people's passwords
> and I am leaving it alone. Focussing instead on the task of making
> sure my passwords are strong, limiting AllowUsers to specific users and
> trusted ip addresses, and
On Tue, 17 May 2005, Peter Kropholler wrote:
As things stand, ssh is designed so you can't get at people's passwords
and I am leaving it alone. Focussing instead on the task of making
sure my passwords are strong
One thing I do is to prevent the IPs from connecting to my machine
One can either do i
This link might help:
http://seclists.org/lists/incidents/2005/Feb/0004.html
Karol,
Thanks for this pointer.
There are two really important pieces of advice on that web page
which persuade me to ditch any thoughts of trying to determine
what passwords people are using with their illegal login scams
Daniel Bye wrote:
> On Tue, Apr 26, 2005 at 09:22:34AM +0100, Peter Kropholler wrote:
>>Is there any way to actually record what passwords
>>the hackers' scripts are trying? I am just really intrigued
>>to know what they are thinking might work.
>
>
> No - ssh transport is encrypted even by the t
On 4/26/05, Peter Kropholler <[EMAIL PROTECTED]> wrote:
> I run a server at home on port 22.
> There are loads of illegal user attempts to login
> every few days. As its at home I protect myself
> by having only one user on the sshd AllowUsers
> list and with a very strong password and no
> admin/
On Tue, Apr 26, 2005 at 09:22:34AM +0100, Peter Kropholler wrote:
> I run a server at home on port 22.
> There are loads of illegal user attempts to login
> every few days. As its at home I protect myself
> by having only one user on the sshd AllowUsers
> list and with a very strong password and no
I run a server at home on port 22.
There are loads of illegal user attempts to login
every few days. As its at home I protect myself
by having only one user on the sshd AllowUsers
list and with a very strong password and no
admin/sysman priveleges.
So essentially every failed login attempt is illeg
11 matches
Mail list logo
