[tor-relays] iptables / dump
Sebastian Urbach
sebastian at urbach.org
Sat Nov 15 17:05:45 UTC 2014
On November 15, 2014 1:53:50 PM eric gisse <jowr.pi at gmail.com> wrote:
Hi,
> Sebastian, how do you distinguish between the usual low level noise of
> ssh brute force bots out there from more invasive attacks?
There is a bunch of other software (ids etc.) for that.
> Because this list is most likely just a bunch of internet background noise.
It is, thats why i wrote "usual suspects" ;-)
> Honestly, the safest thing to do is to NOT USE PASSWORD BASED LOGINS.
> But what would be even better is to firewall ssh out so you can't get
> in except from specific ips and/or through say port knocking.
Im aware of that but the sad truth is that i have to make some compromises
even if i really don't like them :-(
But that is a whole other story, i'm afraid.
Sebastian
More information about the tor-relays
mailing list