Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: SPAM: Re: [suse-security] Openssh + security
From: Bruno Cochofel (bruno.cochofelgmail.com)
Date: Mon Dec 12 2005 - 07:05:44 CST
I believe there's a program called sentry tools (port sentry, logcheck
and host sentry) that could do the job but I think this is obsolete and
the version under sourceforge is old.
Does anyone know where this can be found by these days? Or there's any
substitute? I want not only to monitor sshd port put also others
Scott Leighton wrote:
>On Sunday 11 December 2005 3:27 pm, Jaime Santos wrote:
>>If someone is using a script to probe port 22 of random machines,
>>probably it does make sense to attach the ssh server
>>to some other port. But your users will have to be warned that they have
>>to explicitly name such a port when trying to
>>login remotely. Furthermore, a nmap search for open ports can always
>>reveal the services which are available, but this
>>is a directed attack. Given the nuisance (such strategy is essentially
>>security via obscurity), I think it isn't worth doing it.
> Yes, the script kiddies are a nuisance. I use login_sentry to send
>them on their way (it adds their IP address to hosts.deny).