On Thu, 2018-04-19 at 10:08 -0700, Natu wrote: > On 04/17/2018 08:27 PM, Carl Zwanzig wrote: > > On 4/17/2018 7:20 AM, Rich Kulawiec wrote: > >> I stood up a new server last fall with *no* valid ssh access and logged > >> about 750,000 attempts in a month. Similar patterns. > > > > There's a reason I don't put sshd on port 22; moving it elsewhere and > > blackhole-ing 22 cut the auth log tremendously. > > > > ( > > If you have no users logging in remotely or if users are technical > enough, consider using fwknop for ssh and other services. I also use > openvpn or openvpn with fwknop to access the vpn. I've found fwknop to > be rock solid, and I've never had even a single attack on services that > use fwknop. http://www.cipherdyne.org/fwknop/
Once again, do yourself a favor and check out fail2ban. It's in use on my company's server and works wonders on stopping brute force attacks on ALL services affected. -- Lindsay Haisley | "The first casualty when FMP Computer Services | war comes is truth." 512-259-1190 | http://www.fmp.com | -- Hiram W Johnson ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org