securing the system, stopping unnecessary services and closing open ports.
On Sat 27 Aug 2011 at 17:16:16 +0100, Joe wrote:
> On Sun, 28 Aug 2011 01:05:47 +1000
> yudi v <firstname.lastname@example.org> wrote:
> > how can I find out if this system has been compromised?
> You can try chkrootkit and rkhunter, but the latter at least works
A natural history expedition searching for unicorns and dodos would have
as much success as these two programs are likely to have.
> > what are the steps I need to take to secure it?
> As you say, deny root logins, but I would strongly recommend dropping
> passwords altogether and using keys. If you connect from Windows, you
Keys and passwords each have their place. One is not inherently more
secure than the other.
> (currently I believe) can't use *nix-generated keys. The change of port
> number is often denigrated as 'security by obscurity', but then what
> else is a digital certificate? If running ssh on an obscure port
> prevents pretty much all automated password brute-forcing (and it does)
> then you're better off than many other people have been.
You are most probably correct. On a higher port number sshd will
experience fewer probes. But it was secure on port 22 anyway, so there
doesn't seem much point in moving it in that regard.
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact email@example.com