Re: What's going on with pgfoundry?

Kris Jurka wrote:
>
>
> On Wed, 26 Nov 2008, Dave Page wrote:
>
>>
>> It's the same IP address - but try port 35 for ssh. Marc changed it
>> (temporarily) due to a vast number of malicious connection attempts.
>>
>
> Why wasn't this change communicated to anyone, not even gforge-admins? 
> How temporary is temporary?
>
> Kris Jurka
>
I can't speak to the administrative and communications aspects, but 
based on my experience, I can recommend communicating to the appropriate 
users and making the change permanent.

I have changed the external ssh port on all machines I administer. The 
result is the complete elimination of the previous hundreds to thousands 
of daily script-kiddie brute-force attempts I used to see.

Obscurity should not be your *only* line of defense, but camouflage 
helps as well. And even if it didn't, it still reduces server-load, 
bandwidth and heaps of logfile cruft.

Cheers,
Steve