I've set up different port than default to access remote server via SSH and also disabled password login (pubkey enabled), in /etc/hosts.deny enabled ALL: PARANOID. Anything more to increase security or is this enough?
@nikolal
fail2ban probs a good idea too
@y0x3y
Seems like it, although I edited everything I need in sshd for additional options such as number of attempts, timeout etc. Fail2ban might be usefull for apache server, thanks for suggestion.
@michel_slm
Quite good hardening would be /etc/hosts.allow file set only to specific IP adresses that I use. I have one question though, is it possible for me to access my remote apache server with ssh tunneling? Or can any attacker access my apache server with http if he knows my IP address, since router points to my raspberry server?
@y0x3y
