On Sat, 26 Feb 2011 23:46:25 +0000 Brian <a...@cityscape.co.uk> wrote:
> On Sat 26 Feb 2011 at 16:12:33 -0700, Aaron Toponce wrote:
>
> > Either way, you're exposing your internal network to the Internet
> > if you don't have good security procedures in place. Have a strong
> > password (I recommend http://passwordcard.org), chroot jail your
> > daemon, use remote logging, and take advantage of strict firewalls.
> > In other words, lock it down.
>
> If the strong password is being used by only one person (which appears
> to be the case here) in what sense is it lacking if it is the only
> security in place? Doesn't it give sufficient lockdown?
>

Well, this thread could certainly go on forever. Jason, also have a look at
the Securing Debian Manual with attention on ssh. Perhaps removing
passwords altogether and only using a key, no root, etc. From experience
I will say moving your listening port from 22 to something else will keep
your logs fairly clear. Internet-facing machine I'm looking at right now
only had 8 packets hit 22 yesterday. Dropped of course and not by chance
from the same Chinese IP.
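
Added example (not part of the original message or of the Securing Debian Manual): a Python check of sshd_config text against the steps named in the reply above (key-only login, no root login, a port other than 22). The function names, the sample configurations and the use of current OpenSSH defaults for absent keywords are assumptions of this example.

```python
import re

# Defaults of current OpenSSH, used when a keyword is absent (assumption:
# older releases, such as those of 2011, defaulted PermitRootLogin to yes).
DEFAULTS = {"port": ["22"], "passwordauthentication": ["yes"],
            "pubkeyauthentication": ["yes"],
            "permitrootlogin": ["prohibit-password"]}

def effective_settings(text):
    """Global sshd_config settings: the first value of a keyword wins."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"').lower()
        if key == "match":
            break  # everything after the first Match line is conditional
        if key == "port":
            seen.setdefault(key, []).append(value)  # Port may repeat
        elif key not in seen:
            seen[key] = [value]
    return {**DEFAULTS, **seen}

def audit(text):
    """Return findings for the hardening steps named in the message."""
    cfg = effective_settings(text)
    findings = []
    if cfg["passwordauthentication"][0] != "no":
        findings.append("password logins enabled")
    if cfg["pubkeyauthentication"][0] != "yes":
        findings.append("key logins disabled")
    if cfg["permitrootlogin"][0] != "no":
        findings.append("root login permitted")
    if "22" in cfg["port"]:
        findings.append("listening on port 22")
    return findings

# Constructed samples, not taken from the thread.
HARDENED = "Port 2222\nPermitRootLogin no\nPasswordAuthentication no\n"
SHADOWED = "PasswordAuthentication yes\n" + HARDENED  # earlier value wins
MATCH_ONLY = "Port 2222\nPermitRootLogin no\nMatch Address 192.0.2.0/24\n PasswordAuthentication no\n"

if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("shadowed", SHADOWED), ("match-only", MATCH_ONLY)):
        print(name, audit(text))
```

The check covers only the global section of the file and does not look at keyboard-interactive (PAM) authentication, which can still prompt for a password.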