Brute-Force SSH Server Attacks Surge -- InformationWeek

Neil Joseph Schelly neil at jenandneil.com
Thu May 15 11:28:48 EDT 2008


On Thursday 15 May 2008 11:17, Ben Scott wrote:
> On Thu, May 15, 2008 at 9:58 AM, kenta <kenta at guster.net> wrote:
> > Bind ssh to two ports: 22 and a non standard port
> > In my firewall rules I specifically allow certain IP's to connect to port
> > 22.
>
>   One variant of that strategy is to run the real SSH on some
> non-standard port, and then run a sentry on 22, so that anyone trying
> to connect to 22 is automatically blacklisted.

I would get myself blacklisted a lot from my own servers.  It's not uncommon 
for me to forget if I'm inside my network or outside.
-N


More information about the gnhlug-discuss mailing list