On Mon, Jun 12, 2017 at 4:00 PM, Ted Roche wrote:
> On Mon, Jun 12, 2017 at 1:15 PM, Tom Buskey wrote:
> > As Ted said in the 2nd sentence, it's running on a non-standard port.
> Yes,
> > it helps lot to reduce garbage in the logs.
> >
> > Maybe it's not
On Mon, Jun 12, 2017 at 1:15 PM, Tom Buskey wrote:
> As Ted said in the 2nd sentence, it's running on a non-standard port. Yes,
> it helps lot to reduce garbage in the logs.
>
> Maybe it's not non-standard enough?
>
Whadyamean? I'm using the same non-standard port everyone
Insisting on the use of an ssh key instead of login credentials also helps a
lot.
Dan
> On Jun 12, 2017, at 13:15, Tom Buskey wrote:
>
> As Ted said in the 2nd sentence, it's running on a non-standard port. Yes,
> it helps lot to reduce garbage in the logs.
>
> Maybe it's
Agreed. However, now that the kiddies have bot armies of millions of
machines, they just scan all the ports. I've been running non-standard
ports on most servers, and I am seeing similar traffic on many of the
machines (with unrelated domains, IP ranges, geography, CIDRs and
ISPs) makes me think
As Ted said in the 2nd sentence, it's running on a non-standard port. Yes,
it helps lot to reduce garbage in the logs.
Maybe it's not non-standard enough?
sshguard looks interesting. Thanks!
On Mon, Jun 12, 2017 at 12:42 PM, Bruce Dawson wrote:
> I have to second this
I have to second this suggestion - changing the port did wonders for our
servers. Of course, as Dan says, it works for script kiddies, not so
much against a determined attack on your server.
--Bruce
On 06/12/2017 09:59 AM, Dan Garthwaite wrote:
If you can change the port number it does
I always wonder what they're trying to get. https://krebsonsecurity.com has
lots of info on why they do it, what they do with it and how they make $$.
There's very few consequences to the attacker for "rattling the doorknob"
compared to potential success.
On Sun, Jun 11, 2017 at 1:53 PM, Ted
If you can change the port number it does wonders against the script
kiddies.
Just remember to add the new port, restart sshd, then remove the old port.
:)
On Sun, Jun 11, 2017 at 1:53 PM, Ted Roche wrote:
> Thanks, all for the recommendations. I hadn't seen sshguard