| From: | Steve Crawford <scrawford(at)pinpointresearch(dot)com> |
|---|---|
| To: | Kris Jurka <books(at)ejurka(dot)com> |
| Cc: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>, Dave Page <dpage(at)pgadmin(dot)org>, Tatsuo Ishii <ishii(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: What's going on with pgfoundry? |
| Date: | 2008-11-26 18:51:23 |
| Message-ID: | 492D9AAB.7060501@pinpointresearch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Kris Jurka wrote:
>
>
> On Wed, 26 Nov 2008, Dave Page wrote:
>
>>
>> It's the same IP address - but try port 35 for ssh. Marc changed it
>> (temporarily) due to a vast number of malicious connection attempts.
>>
>
> Why wasn't this change communicated to anyone, not even gforge-admins?
> How temporary is temporary?
>
> Kris Jurka
>
I can't speak to the administrative and communications aspects, but
based on my experience, I can recommend communicating to the appropriate
users and making the change permanent.
I have changed the external ssh port on all machines I administer. The
result is the complete elimination of the previous hundreds to thousands
of daily script-kiddie brute-force attempts I used to see.
Obscurity should not be your *only* line of defense, but camouflage
helps as well. And even if it didn't, it still reduces server-load,
bandwidth and heaps of logfile cruft.
Cheers,
Steve
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marc G. Fournier | 2008-11-26 18:54:43 | Re: What's going on with pgfoundry? |
| Previous Message | Merlin Moncure | 2008-11-26 18:41:10 | Re: [bugfix] DISCARD ALL does not release advisory locks |