machine hangs on occasion - correlated with ssh break-in
attempts
Norberto Meijome
freebsd at meijome.net
Fri Aug 22 00:27:55 UTC 2008
On Thu, 21 Aug 2008 13:03:09 -0700
Jeremy Chadwick <koitsu at FreeBSD.org> wrote:
> A different approach: consider putting sshd on a different port, rather
> than the default of 22. A lot of people I know do this, solely to
> decrease the number of brute-force attempts you see above; I've never
> seen any of those brute-force attacking programs portscan, then attack
> against a port which returns a OpenSSH string.
+1 - obscurity definitely doesn't ADD to security , but it removes all the noise from your system.
Alternatively, you try port knocking ;)
> Finally, consider moving to pf instead, if you really feel ipfw is
> what's causing your machine to crash. You might be pleasantly surprised
> by the syntax, and overall administrative usability (it is significantly
> superior to ipfw, IMHO).
+1
_________________________
{Beto|Norberto|Numard} Meijome
If Bill Gates had a dollar for every time a Windows box crashed...
.. Oh, wait a minute, he already does.
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
More information about the freebsd-stable
mailing list