Quoting sk@elegosoft.com:

> mornin'
>
> Rich Healey wrote:
>>> Recently I'm getting a lot of brute force attempts on my server, in the
>>> past I've used various tips and tricks with linux boxes but many of them
>>> were fairly linux specific.

>
>
> disable pasword authentication OR use very strong passwords (24 chars)
> OR use OTP
>
> if it is applicable you could limit access by hosts (from=)
>
> nothing of the above is linux or BSD specific
>
> btw. Software to delay Login Attempts could be tricked.
>
>> Personally I find that changing the port to anything other than 22 stops
>> a lot of the skiddie brute force attacks. Thats not to say you
>> shouldn't use something else as well - but it is something.

>
> it works for one of my servers too, but is security by obscurity


It worked for me also but in addition I have started accepting ssh
from only known ip's but I always have a server with a known ip that
uses an alternative port for ssh that I can access from, lets say an
internet cafe or like, and then triangle to the server that I'm really
interested in. Hope that makes some sense.

ed
>
> regards
> Stefan
>
>
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/lis...reebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>


_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/lis...reebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"