RE: [Asterisk-Users] asterisk@home scary log

denon Thu, 10 Feb 2005 08:22:51 -0800

Why would you even want SSH exposed to the world? In fact, why expose it to anything but your local admin console, or *maybe* a vpn tunnel server if absolutely necessary?

-d

At 10:08 AM 2/10/2005, you wrote:

>The hack came in through ssh.

IMO, your best defence is an extremely strong root password; I am often
mortified by looking at my logs and seeing all of the login attempts through
SSH.

OT: I am not up on Linux script-kiddie type tools, but I assume that there
is a script of some sort that automates SSH probes. Can anyone suggest a
good counter i.e. honeypot or throttling logon attempts. Yes, I know I can
google it, but I'd rather hear the opinion of real Linux experts rather than
the "experts" at About.com.
_______________________________________________
Asterisk-Users mailing list
Asterisk-Users@lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users


_______________________________________________
Asterisk-Users mailing list
Asterisk-Users@lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users

RE: [Asterisk-Users] asterisk@home scary log

Reply via email to