Date: Tue, 29 Dec 2009 12:52:48 +0100
From: "Ronald Klop" <ronald-freebsd8@klop.yi.org>
To: "Edwin Groothuis" <edwin@mavetju.org>, "Andresen, Jason R." <jandrese@mitre.org>
Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>, Chris H <chris#@1command.com>
Subject: Re: Hacked - FreeBSD 7.1-Release
Message-ID: <op.u5o7aazb8527sy@82-170-177-25.ip.telfort.nl>
In-Reply-To: <20091229114536.GA2409@mavetju.org>
References: <bd52e0bd614fbaffcf8c9ff9da35286e@mail.isot.com> <4B20B509.4050501@yahoo.it> <600C0C33850FFE49B76BDD81AED4D25801371D8056@IMCMBX3.MITRE.ORG> <ce92ed41260c438977298c2cf9dd1e3f.HRCIM@webmail.1command.com> <600C0C33850FFE49B76BDD81AED4D25801371D8737@IMCMBX3.MITRE.ORG> <20091229114536.GA2409@mavetju.org>

On Tue, 29 Dec 2009 12:45:36 +0100, Edwin Groothuis <edwin@mavetju.org> wrote:

> On Mon, Dec 28, 2009 at 10:44:41AM -0500, Andresen, Jason R. wrote:
>> The point is, if your machine is on the internet, then bots are
>> going to try password attacks on any open port they can find. It's
>> just the sad fact of life on the current internet. Unfortunately,
>> this activity will also make it much more difficult to determine
>> when you are under attack from an actual person, which was my point
>> earlier. It's one that is not going to be easy to solve either,
>> unless you're willing to rewrite SSH to require every connection
>> attempt to pass a Turing test or something.

The Turing test is a private/public key with a passphrase. And disable
passwords.

> On all systems which need to be accessible from the public Internet:
> Run sshd on port 22 and port 8022. Block incoming traffic on port
> 22 on your firewall.
>
> Everybody coming from the outside world needs to know it is running
> on port 8022. Everybody coming from the inside world has access as
> normal.
>
> Edwin
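Added example, not part of the original message or of FreeBSD: a small shell check that reads the global section of an sshd_config and reports the listening ports and whether password logins are really off, as the message above recommends. The function name `audit_sshd_config` and the sample config are constructed; requiring an explicit `no` instead of trusting defaults is this example's own policy, chosen because where sshd uses PAM, keyboard-interactive authentication can still prompt for a password when only `PasswordAuthentication no` is set.

```shell
#!/bin/sh
# Added example (not from the thread): check the global section of an
# sshd_config for the key-only setup discussed above.
audit_sshd_config() {
    awk '
    /^[ \t]*#/ { next }                      # whole-line comments
    { sub(/=/, " ") }                        # "Keyword=value" is also accepted
    NF < 2 { next }
    { key = tolower($1); val = tolower($2) }
    key == "match" { exit }                  # global section ends; END still runs
    key == "port" { ports = ports (ports ? "," : "") val; next }
    # ChallengeResponseAuthentication is the older name of the same option.
    key == "challengeresponseauthentication" { key = "kbdinteractiveauthentication" }
    !(key in seen) { seen[key] = val }       # sshd keeps the first value it reads
    END {
        print "ports=" (ports ? ports : "22")   # 22 is the default when unset
        if (seen["passwordauthentication"] != "no") {
            print "FAIL: PasswordAuthentication is not explicitly no"; bad = 1
        }
        if (seen["kbdinteractiveauthentication"] != "no") {
            print "FAIL: keyboard-interactive (PAM password prompts) is not explicitly no"
            bad = 1
        }
        if (seen["pubkeyauthentication"] == "no") {
            print "FAIL: PubkeyAuthentication is disabled"; bad = 1
        }
        if (!bad) print "OK: password logins off, key logins on"
        exit bad + 0
    }' "$1"
}

# Constructed sample config: two ports as in the thread, passwords disabled.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
Port 8022
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
EOF
audit_sshd_config "$sample" || true
rm -f "$sample"
```

The check cannot see the firewall rule that blocks port 22 from outside, and settings inside `Match` blocks are not evaluated.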