John R. Dennison said:
>> Move sshd to another port; it does nothing to heighten security but
it
>> will reduce log / alert volume by more than a bit.
Yes. Moving to an odd port dramatically cuts the number of pwd attacks.
And I would call that increased security.
On Wednesday, May 3, 2023 at 7:38:29 PM UTC-5 John R. Dennison wrote:
> On Wed, May 03, 2023 at 07:22:28PM -0500, Michael L wrote:
> > google search yielded:
> > "By default, fail2ban works with iptables. However,
> > *this has been deprecated in favor of the firewalld" . *
>
> fail2ban is available in EPEL for EL7:
>
> yum --enablerepo=extras install epel-release
> yum --enablerepo=epel install fail2ban-server fail2ban-sendmail
> fail2ban-systemd
>
> Configure as necessary and then enable and start with:
>
> systemctl enable fail2ban.service
> systemctl start fail2ban.service
>
> > I have a 29 character root password and will lengthen the other sudo
> > passwords. I hope to be rid of this CentOS 7 system soon, but until then
> > it's best to install an additional roadblock to the brute force login
> > attempts.
>
> Move sshd to another port; it does nothing to heighten security but it
> will reduce log / alert volume by more than a bit.
>
>
>
>
>
> John
>
> --
> In view of the fact that God limited the intelligence of man, it seems
> unfair that he did not also limit his stupidity.
>
> -- Konrad Hermann Josef Adenauer (1876-1967), West German Chancellor from
> 1949-1963, as quoted in Through Russian Eyes: President Kennedy's 1036
> Days (1973) by Anatoli-Andreevich Gromyko
>
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/nlug-talk/f49ad314-cb61-4ce4-96f8-64a5d4d44e89n%40googlegroups.com.
