Re: What's the strategy for bad guys guessing a few ssh passwords?

On Tue, Jun 13, 2017 at 12:39 PM, Joshua Judson Rosen < roz...@hackerposse.com> wrote: > On 06/12/2017 01:27 PM, Dan Coutu wrote: > >> On Jun 12, 2017, at 13:15, Tom Buskey > wrote: > >> > >> As Ted said in the 2nd sentence, it's running on a non-standard port.

Re: What's the strategy for bad guys guessing a few ssh passwords?

There is no security in obscurity - what changing the port offers is orders of magnitude less noise in the logs. If you or your tools never look at the logs than it understandably doesn't matter one whit to you. However if you are trying to keep on top of things with log analyzers, OSSEC,

Re: What's the strategy for bad guys guessing a few ssh passwords?

> > > *Doesn't* help cut down on logspam. ;) > > But adding liberal ignore rules into logcheck (or whatever) helps a lot > with logspam ;) > > > >> Maybe it's not non-standard enough? The combination of both of these reminded me of port knocking. Now that's what I'd call a "non-standard port".

Re: What's the strategy for bad guys guessing a few ssh passwords?

On 06/12/2017 01:27 PM, Dan Coutu wrote: >> On Jun 12, 2017, at 13:15, Tom Buskey > > wrote: >> >> As Ted said in the 2nd sentence, it's running on a non-standard port. Yes, >> it helps lot to reduce garbage in the logs. > > Insisting on the use of an