[ale] ssh brute-force
Edward Holcroft
eholcroft at mkainc.com
Sun Feb 16 14:20:49 EST 2014
All,
I have a server that I had to open to the world for ssh. It's getting a lot
of brute-force hits, although I've managed to bring it down to an
"acceptable" level by using a suitable level of paranoia in denyhosts.
Obviously I'd rather not have these hits at all.
I often hear the suggestion made that I should be using a non-standard port
for ssh to reduce such attacks. I wonder though what the real value of this
would be, since would a portscan not reveal the open port to would-be
hackers anyway?
I've heard it said that unwanted ssh hits have been reduced to zero by
changing the port from 22 to something else. Of course I can test the
hypothesis by simply changing the port, but I'd like to hear some opinions
on this question before doing so.
ed
--
Edward Holcroft | Madsen Kneppers & Associates Inc.
11695 Johns Creek Parkway, Suite 250 | Johns Creek, GA 30097
O (770) 446-9606 | M (770) 630-0949
--
MADSEN, KNEPPERS & ASSOCIATES USA, MKA Canada Inc. WARNING/CONFIDENTIALITY
NOTICE: This message may be confidential and/or privileged. If you are not
the intended recipient, please notify the sender immediately then delete it
- you should not copy or use it for any purpose or disclose its content to
any other person. Internet communications are not secure. You should scan
this message and any attachments for viruses. Any unauthorized use or
interception of this e-mail is illegal.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140216/87cb030b/attachment.html>
More information about the Ale
mailing list