985
edits
Changes
From SME Server
Jump to navigationJump to search→Conslusions
This Howto was developed in response to the recommendations in this article at [http://isc.sans.org/diary.php?storyid=846 isc.sans.org]. The article briefly suggests taking 3 steps to secure your server against ssh attacks:
This Howto was developed in response to the recommendations in this article at [http://isc.sans.org/diary.php?storyid=846 isc.sans.org]. The article briefly suggests taking 3 steps to secure your server against ssh attacks:
1. Run ssh on a non-standard port
2. Choose good passphrases, and enforce them with PAM or other wrappers.
3. Monitor your logs, then consciously look at blocking and/or reporting abusive netblocks.
Now you know how to run ssh on a non-standard port, at least. Don't be fooled into thinking that this will bring long-term securiy, however! There is a discussion of this issue in the forums here on contribs that concludes that moving ssh to another port will only help until the attackers upgrade their tools. Public/private key security is recommended. (See [http://forums.contribs.org/index.php?topic=29505.msg123499#msg123499 Guessing passwords])
Now you know how to run ssh on a non-standard port, at least. Don't be fooled into thinking that this will bring long-term securiy, however! There is a discussion of this issue in the forums here on contribs that concludes that moving ssh to another port will only help until the attackers upgrade their tools. Public/private key security is recommended. (See [http://forums.contribs.org/index.php?topic=29505.msg123499#msg123499 Guessing passwords])
