Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
Maybe you could have tried reading my whole post, where I was quite clear that it wouldn't stop people who really want to break into your system.
But script kiddies just try a few well-known ports and then move on to the next IP address, they don't waste time port-scanning the entire range. Nor do they sit at their computer manually typing commands, that's why they're called 'script kiddies'.
The single best way to protect against SSH attacks is to use a non-standard port. Then you can worry about the other 1% who will actually do a port scan.
Oh yeah, and if you try nmap on my firewall you'll be blocked after checking a few ports, unless you do it so slowly that you don't trigger the port-scan detection.
Last edited by movieman; January 16th, 2013 at 07:19 PM.
thanks for all your help guys!
Bookmarks