Re: SSH brute force China and Linux: best practices

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: SSH brute force China and Linux: best practices

From: Chuck Anderson
Date: Sat Jan 30 12:16:41 2010

List-archive: <http://mailman.nanog.org/mailman/nanog>
List-help: <mailto:nanog-request@nanog.org?subject=help>
List-id: North American Network Operators Group <nanog.nanog.org>
List-post: <mailto:nanog@nanog.org>
List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=subscribe>
List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=unsubscribe>

On Fri, Jan 29, 2010 at 10:47:57PM -0600, Bobby Mac wrote:
> What are the new set of best practices for those running a NIX home
> computer.  Yes I have a firewall and I do peruse my logs on a regular
> basis.

1. Don't have services listening unless you need them.

2. If you can, move needed services to nonstandard ports.

If the only ports you have open are for services you want/need to 
access from anywhere, then you don't need a firewall.

> BTW: ever drop a malformed  URL to alert an admin to some thing that sucks?
> w3.hp.com/execs/makes/too/much/money or
> www.yourbuddiesdomain.com/it/is/all/rfc/space/use/1918/when/referring/to/non/routable

Yes.

References:
- SSH brute force China and Linux: best practices Bobby Mac

Prev by Date: Re: domain registra question
Next by Date: Re: SSH brute force China and Linux: best practices
Date Index
Thread Index
Author Index
Historical