#4
Old 22nd December 2009
There0

Quote:
Should you ever enable SSH, you will likely want to disable root access and perhaps password authentication as well.
Yes, those two options (disabled root via ssh login, and using preshared instead of passwords) REALLY help. I also specify ONLY which user can login with AllowUsers username (sshd_config), and you can spice up your pf.conf with something like this below to limit connections and from what IP you want to allow access from, and of course a NON standard port:

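# drop everything from addresses already in the <bruteforce> or <noroute> tables
block drop log quick from { <bruteforce>, <noroute> }

# allow SSH on port 32009 from one address only; a source exceeding 10 connections or 3 new connections per 3 seconds is added to <bruteforce> and its states are flushed
pass in log quick on { $EXT, $INT } inet proto tcp from IP.ADDR.ALLOWED.ACCESS to { $EXT } port 32009 flags S/SA modulate state (max-src-conn 10, max-src-conn-rate 3/3, overload <bruteforce> flush global)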
__________________
The more you learn, the more you realize how little you know ....
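An added example, not part of the original post: a small Python check that reads an sshd_config and reports which of the four settings mentioned above (root login, password authentication, AllowUsers, non-standard port) are missing. The function names, the sample configs and the assumed defaults for absent keywords (current OpenSSH defaults) are this example's own.

```python
# Added example: audit the global section of an sshd_config (constructed samples).
# Assumed defaults when a keyword is absent (current OpenSSH defaults).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}
MULTI = {"port", "allowusers"}  # keywords whose values accumulate across lines

def parse_global(text):
    """Effective global settings: first value wins, except MULTI keywords."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # "Keyword value" and "Keyword=value" are both accepted; keywords are
        # case-insensitive. A trailing "# ..." token is dropped by this parser.
        parts = line.replace("=", " ", 1).split()
        if not parts:
            continue
        key, args = parts[0].lower(), []
        for tok in parts[1:]:
            if tok.startswith("#"):
                break
            args.append(tok)
        if key == "match":  # everything after Match is conditional, not global
            break
        if key in MULTI:
            seen.setdefault(key, []).extend(args)
        elif args:
            seen.setdefault(key, args[0].lower())
    return seen

def audit(text):
    """Return a list of findings; an empty list means all four checks pass."""
    cfg, out = parse_global(text), []
    root = cfg.get("permitrootlogin", DEFAULTS["permitrootlogin"])
    if root != "no":
        out.append("root login not fully disabled (PermitRootLogin %s)" % root)
    if cfg.get("passwordauthentication", DEFAULTS["passwordauthentication"]) != "no":
        out.append("password authentication enabled")
    if not cfg.get("allowusers"):
        out.append("no AllowUsers list: any account may log in")
    if "22" in cfg.get("port", ["22"]):
        out.append("listening on default port 22")
    return out

# Constructed samples. In WEAK the second PasswordAuthentication line is ignored
# (first value wins) and the Match block does not change the global settings.
WEAK = ("Port 32009\nPermitRootLogin no\nPasswordAuthentication yes\n"
        "PasswordAuthentication no  # ignored\nMatch User backup\n  AllowUsers backup\n")
HARDENED = "Port=32009\npermitrootlogin no\nPasswordAuthentication no\nAllowUsers username\n"

if __name__ == "__main__":
    for name, sample in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(sample) or "ok")
```

On a live host, `sshd -T` prints the configuration the daemon actually resolves, including Match handling that this check skips.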