abuse@ and postmaster@ in the modern world?
Dean Wilson
dwilson at unixdaemon.net
Fri Nov 17 16:17:26 GMT 2006
On Fri, Nov 17, 2006 at 03:57:57PM +0000, Toby Corkindale wrote:
> How do you deal with this annoyance? Or do you just let them hurl themselves
> ineffectively at your passwords, safe in the knowledge that they're about 20
> characters long, and there's no way they'll have guessed it, even after 9000
> attempts.
With SSH I turn off root logins, limit allowed logins to users in a
single group ("AllowGroups ssh-users") and put myself in it.
I also don't use the default port. Which stops pretty much all the
brute force attacks and automated scanners. It won't stop a determined
attacker (using something like amap or a banner grabber) but I don't get
attacked by those. In my case moving the port stopped all brute force
attacks.
Years ago I did geographical IP filtering (in this case to only allow
connections from London) which reduced the service exposure even more.
But looking back it seems like overkill.
Dean
--
Dean Wilson http://www.unixdaemon.net
Profanity is the one language all programmers understand
--- Anon
More information about the london.pm
mailing list