On Tue, July 22, 2008 16:45, Les Bell wrote: > Moving sshd to a non-standard port is one of the worst examples of relying > on security by obscurity. Its only advantage is that it cuts out some > noise > in the logs, but proper precautions do that as well, without lulling you > into a false sense of security.
I think you've put your finger on a key point here -- what most people really want here is a reduction in log noise. I'd suggest the best way to achieve that is to not display SSH logon failures :-). If you instead scan the *successes*, you're much more likely to actually spot any problem that occurs. -- David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/ Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/ Photos: http://dd-b.net/photography/gallery/ Dragaera: http://dragaera.info _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
