Date: Wed, 02 Dec 2009 12:10:47 -0700 From: Brett Glass <brett@lariat.net> To: "Poul-Henning Kamp" <phk@phk.freebsd.dk>, Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org, Mohd Fazli Azran <mfazliazran@gmail.com> Subject: Re: Increase in SSH attacks as of announcement of rtld bug Message-ID: <200912030423.VAA04903@lariat.net> In-Reply-To: <18401.1259761888@critter.freebsd.dk> References: <Your message of "Wed, 02 Dec 2009 08:25:08 EST." <200912021324.nB2DOc58001138@lava.sentex.ca> <18401.1259761888@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:51 AM 12/2/2009, Poul-Henning Kamp wrote: >A very efficient measure: Move your sshd to another port number. This helps. However, I'd like to try single packet authentication, as it would likely work even better. (It's possible to find an SSH daemon on an unusual port with a port scan.) And it would have the advantage that it could be integrated directly into SSH daemons and clients. --Brett Glass
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912030423.VAA04903>