[sllug-members]: How does one properly implement OpenSSH?
Jeff Schroeder
jeff at zingstudios.com
Tue Mar 25 08:17:38 MST 2008
Corey:
> It also does buy you some real security because it makes
> finding your server one step harder, something that script kiddies
> aren't likely to do. That's valuable. If it's worth the trade-off of
> having to specify the port number when you connect, then go for it.
It's a tough call sometimes-- it's a tradeoff between blocking the
kiddies and inconveniencing your users because they have to remember
the port number and know how to specify it in their SSH command.
> The real problem with security through obscurity is when people use
> obscurity *alone* as their security.
I completely agree. Security should be like an onion: layer upon layer
(within reason, heh).
$0.02,
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://sllug.org/pipermail/sllug-members/attachments/20080325/4e415622/attachment.pgp
More information about the sllug-members
mailing list