Best practices for securing SSH server

Daniel Underwood djuatdelta at
Sun Jun 28 01:17:13 UTC 2009

> As I believe has already been answered in this thread, the better connected
> a server is to the Internet, the higher its value to several varieties of
> miscreants.  Given a choice between a server connected via a close to
> saturated T1 somewhere in the back waters of the Internet and a server with
> multiple 100mbps+ connections to key backbones, somebody interested in
> staging DOS attacks or using the server as a base to "explore" other
> networks or ... is likely to find the latter server of greater interest.
>  About the only advantage I can think of for the former is that it's
> probably, other things being equal, less likely to be properly maintained
> and monitored.

Exactly.  For example, the "server" in question is a desktop machine
at work.  I regularly see transfer rates of 13MB/s.  It's at a major
university, which is by itself another high-risk factor, precisely
because there are so many (often weakly protected) high-speed

More information about the freebsd-questions mailing list