From owner-freebsd-questions@FreeBSD.ORG  Fri May 30 18:46:33 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DEEC9106566B
	for <freebsd-questions@freebsd.org>;
	Fri, 30 May 2008 18:46:33 +0000 (UTC)
	(envelope-from jmc-freebsd@milibyte.co.uk)
Received: from ptb-relay03.plus.net (ptb-relay03.plus.net [212.159.14.214])
	by mx1.freebsd.org (Postfix) with ESMTP id BA09F8FC1E
	for <freebsd-questions@freebsd.org>;
	Fri, 30 May 2008 18:46:33 +0000 (UTC)
	(envelope-from jmc-freebsd@milibyte.co.uk)
Received: from [84.92.153.232] (helo=milibyte.co.uk)
	by ptb-relay03.plus.net with esmtp (Exim) id 1K29cV-0000i4-Nv
	for freebsd-questions@freebsd.org; Fri, 30 May 2008 19:46:31 +0100
Received: by milibyte.co.uk with local (Exim 4.69)
	(envelope-from <jmc-freebsd@milibyte.co.uk>) id 1K29cV-0001WA-6S
	for freebsd-questions@freebsd.org; Fri, 30 May 2008 19:46:31 +0100
From: Mike Clarke <jmc-freebsd@milibyte.co.uk>
To: freebsd-questions@freebsd.org
Date: Fri, 30 May 2008 19:46:30 +0100
User-Agent: KMail/1.9.7
References: <200805301748.m4UHmc6Q020790@lurza.secnetix.de>
In-Reply-To: <200805301748.m4UHmc6Q020790@lurza.secnetix.de>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Message-Id: <200805301946.30967.jmc-freebsd@milibyte.co.uk>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: jmc-freebsd@milibyte.co.uk
X-SA-Exim-Scanned: No (on milibyte.co.uk); SAEximRunCond expanded to false
X-Plusnet-Relay: b7d07cf0030cb94bca0abcdd3899ea81
Subject: Re: Renaming "root" to "homer"?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 May 2008 18:46:34 -0000

On Friday 30 May 2008, Oliver Fromme wrote:

> Another idea would be to move sshd from the default port
> to a non-standard port, e.g. 222 or whatever. =A0Typically
> ssh brute force attacks target port 22 only. =A0This will
> also clear your logs from useless break-in attempts.

/usr/ports/security/denyhosts is quite good for permanently blocking=20
access from IP's that make suspicious ssh probes. It reduces garbage in=20
the logs too because after a remote address gets blocked future probes=20
from it get rejected before they even get as far as being logged.

=2D-=20
Mike Clarke