[H-SASIG] Proposed changes to Excalibur
Robert Brockway
robert at timetraveller.org
Thu Dec 3 09:32:17 EST 2009
On Thu, 3 Dec 2009, Russell Stuart wrote:
> Password access is disabled. It doesn't solve the log problem however.
Ah so it is the actual entries in the logs which are of concern, not the
probing itself. I normally search system logs through a shell and use
grep to filter.
Ah yes we do disable password access. Normally when I see people want to
change the port for ssh it is to block the attacks, rather than just to
keep noise out of the logs.
>> Changing the port causes problems with access[1].
>
> For most of Humbug's history we have had problems with access, as port
> 22 was blocked. We had to go through substantial hoops to get around
> that - bigger than a mere port change, yet I don't recall it causing a
> major problem for SysAdmin's. Given it didn't I can't imagine how a
I remember times when it was an issue. It is true that these days anyone
acting as a sysadmin probably has a system on the 'net they can use to get
around this restriction.
> Do want us to take a vote on this move, Rob?
No, I think the decision should fall to the president or exec after
weighing up all the options.
Cheers,
Rob
--
I tried to change the world but they had a no-return policy
http://www.practicalsysadmin.com
More information about the Sasig
mailing list