Spike in SSH attacks
Chip Marshall
chip at 2bithacker.net
Mon Jun 21 11:05:18 EDT 2010
On 21-Jun-2010, Bill Sconce <sconce at in-spec-inc.com> sent:
> START WITH NEVER EXPOSING SSHD ON PORT 22.
http://en.wikipedia.org/wiki/Security_through_obscurity
Personally, I think this is a flawed approach to securing a machine. It
only serves to encorage full port scans of machines, which wastes even
more bandwidth.
Sure, my logs have a lot of failed login attempts, but failed login
attempts mean my security is working. It's the successful ones you need
to watch out for.
You don't secure your house by hiding the door, you secure it by
having good locks.
--
Chip Marshall <chip at 2bithacker.net>
http://weblog.2bithacker.net/ KB1QYW PGP key ID 43C4819E
v4sw5PUhw4/5ln5pr5FOPck4ma4u6FLOw5Xm5l5Ui2e4t4/5ARWb7HKOen6a2Xs5IMr2g6CM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20100621/c4b287b5/attachment.bin
More information about the gnhlug-discuss
mailing list