[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] ssh brute-force
At one of my jobs they used ssh keys and move the port to 20000
something, at first I wonder why, but now it makes a lot of sense.
Specially the keys. If you are going to leave it on port 22, set
yourself up with ssh-keys and anyone less that use it. You turn off
password in ssh were it will only use the keys.
On Sun, Feb 16, 2014 at 4:34 PM, Wolf Halton <wolf.halton at gmail.com> wrote:
> Unless you are being specifically, there are about 60,000 ports that aren't
> scanned by tools in default mode. High numbers without registered services
> will get almost zero hits.
> On Feb 16, 2014 3:45 PM, "John Heim" <john at johnheim.com> wrote:
>> My experience is that changing the port reduces the random attempts to
>> near zero. But if someone specifically targets you, it doesn't help.
>> Hackersprobably aren't doing port scans of your server. They are probably
>> scanning your network for machines with port 22 open.
>> On 02/16/14 13:20, Edward Holcroft wrote:
>>> I have a server that I had to open to the world for ssh. It's getting a
>>> lot of brute-force hits, although I've managed to bring it down to an
>>> "acceptable" level by using a suitable level of paranoia in denyhosts.
>>> Obviously I'd rather not have these hits at all.
>>> I often hear the suggestion made that I should be using a non-standard
>>> port for ssh to reduce such attacks. I wonder though what the real value
>>> of this would be, since would a portscan not reveal the open port to
>>> would-be hackers anyway?
>>> I've heard it said that unwanted ssh hits have been reduced to zero by
>>> changing the port from 22 to something else. Of course I can test the
>>> hypothesis by simply changing the port, but I'd like to hear some
>>> opinions on this question before doing so.
>>> Edward Holcroft | Madsen Kneppers & Associates Inc.
>>> 11695 Johns Creek Parkway, Suite 250 | Johns Creek, GA 30097
>>> O (770) 446-9606 | M (770) 630-0949
>>> MADSEN, KNEPPERS & ASSOCIATES USA, MKA Canada Inc.
>>> WARNING/CONFIDENTIALITY NOTICE: This message may be confidential and/or
>>> privileged. If you are not the intended recipient, please notify the
>>> sender immediately then delete it - you should not copy or use it for
>>> any purpose or disclose its content to any other person. Internet
>>> communications are not secure. You should scan this message and any
>>> attachments for viruses. Any unauthorized use or interception of this
>>> e-mail is illegal.
>>> Ale mailing list
>>> Ale at ale.org
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> Ale mailing list
>> Ale at ale.org
>> See JOBS, ANNOUNCE and SCHOOLS lists at
> Ale mailing list
> Ale at ale.org
> See JOBS, ANNOUNCE and SCHOOLS lists at
Terror PUP a.k.a
Chuck "PUP" Payne
Discover it! Enjoy it! Share it! openSUSE Linux.
openSUSE -- en.opensuse.org/User:Terrorpup
openSUSE Ambassador/openSUSE Member
Community Manager -- Southeast Linux Foundation (SELF)
skype,twiiter,identica,friendfeed -- terrorpup
Register Linux Userid: 155363
Have you tried SUSE Studio? Need to create a Live CD, an app you want
to package and distribute , or create your own linux distro. Give SUSE
Studio a try. www.susestudio.com.
See you at Southeast Linux Fest, June 7-9, 2013 in Charlotte, NC.