[ubuntu-uk] IPTABLES
Tony Arnold
tony.arnold at manchester.ac.uk
Fri Apr 18 14:52:30 BST 2008
Huw Selley wrote:
> On 18 Apr 2008, at 14:27, Tony Arnold wrote:
> <snip>
>
>> Oh, and if you are allowing ssh, then consider running fail2ban or
>> denyhosts to stop dictionary attacks via ssh, which are very common.
>
> Or only allow key based logins and disable password logins, renders
> dictionary attacks useless although doesn't stop the CPU burn when
> people come a knocking.
I'd do both!
Regards,
Tony.
--
Tony Arnold, Tel: +44 (0) 161 275 6093
Head of IT Security, Fax: +44 (0) 870 136 1004
University of Manchester, Mob: +44 (0) 773 330 0039
Manchester M13 9PL. Email: tony.arnold at manchester.ac.uk
More information about the ubuntu-uk
mailing list