That's what I thought, until I got hacked 6 years ago. Granted, I did have an older ssh, but at the time, it wasn't that old. Now, at the firewall level I only allow a certain range of IP addresses access to port 22. Since I rarely ssh in from anywhere but home and work, I set it up to allow those addresses. If I do need access from another machine, I can always open it up temporarily. If I do, I turn on logging so everything gets logged.<br>
<br>The most important thing to remember: They aren't necessarily targeting you, they are targeting a computer. The don't know or care who owns the computer, it is just a target for them. That's all they care about.<br>
<br><div class="gmail_quote">On Tue, May 13, 2008 at 1:38 PM, Daniel A. Ramaley <<a href="mailto:daniel.ramaley@drake.edu">daniel.ramaley@drake.edu</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Tuesday 13 May 2008 12:53, Josh More wrote:<br>
> All you're doing is reducing traffic (not a<br>
> bad thing, really) and reducing your log volume.<br>
<br>
</div>If you reduce your log volume it will make the more advanced and<br>
worrisome attacks easier to spot since there will be less noise.<br>
<br>
Personally, i run ssh on the standard port 22. But only because i'm too<br>
lazy to redo my firewall configuration to let in something else. (I<br>
don't like futzing with the firewall.) I do, however, have ssh locked<br>
down in all the other ways, and i keep up with security updates to it.<br>
I think it pretty unlikely i'll get cracked via ssh. But, if i ever get<br>
around to it, i'll definitely change the port just so my logs aren't<br>
filled up with all the noise from the dictionary attacks. Have those<br>
*ever* worked? I've not personally encountered a system so insecure a<br>
dictionary attack would work against it...<br>
<br>
------------------------------------------------------------------------<br>
Dan Ramaley Dial Center 118, Drake University<br>
Network Programmer/Analyst 2407 Carpenter Ave<br>
+1 515 271-4540 Des Moines IA 50311 USA<br>
<div><div></div><div class="Wj3C7c">_______________________________________________<br>
Cialug mailing list<br>
<a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br>
<a href="http://cialug.org/mailman/listinfo/cialug" target="_blank">http://cialug.org/mailman/listinfo/cialug</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Tim