Date: Wed, 7 Mar 2018 10:50:26 -0400 From: Duane Whitty <duane@nofroth.com> To: freebsd-questions@freebsd.org Subject: Re: Increased abuse activity on my server Message-ID: <CAOZUxFtQv5tcb5O15WPcnkMr6nQqQCNA7P8gDUhitOKqH59ybA@mail.gmail.com> In-Reply-To: <CAFsnNZ%2Bx_2YUuNrVDjt4MXMB40W3qHeyYsNgZSWT=3a4cRTKOA@mail.gmail.com> References: <20180307071944.GA30971@ymer.bara1.se> <20180307103136.25881537.ole@free.de> <CAFsnNZ%2Bx_2YUuNrVDjt4MXMB40W3qHeyYsNgZSWT=3a4cRTKOA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
+1. Works great On Mar 7, 2018 10:24, "William Dudley" <wfdudley@gmail.com> wrote: > This may sound stupid and obvious, but I moved my ssh port to a high > "random" port > number, and that completely stopped the random attempts to ssh in. I know > that > "security by obscurity" "doesn't work", but it did! > > I picked a port like 5792 -- not related to anything else. (i.e. don't > pick 2222 or 2022 etc.) > > I've had this in place for months and months (perhaps a year) and the > attackers > haven't found the port yet. > > I think this works because unless you, specifically, are at *target* of > somebody *serious*, > (think "kbg"), most of these attackers are opportunists who won't spend the > time > to do a full port scan of your server. They just try the standard ports: > 21, 22, 23, 25, etc. > > ALSO, you should disable password auth for ssh and use only public/private > key. > > Then you know the attackers are REALLY wasting their time. > > Bill Dudley > > > This email is free of malware because I run Linux. > > On Wed, Mar 7, 2018 at 4:31 AM, Ole <ole@free.de> wrote: > > > Wed, 7 Mar 2018 08:19:44 +0100 - User Hasse <hasse@bara1.se>: > > > > > Anybody else noticed ? > > > > Welcome to the internet :-) > > > > If you have strong passwords or better only public key authentication > > allowed, just don't care. If you want to increase security you could > > use a VPN + Firewall to only allow connections from your VPN. If you > > just don't want them to spam your logs you could just move sshd from > > port 22 to port 24. > > > > regards Ole > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOZUxFtQv5tcb5O15WPcnkMr6nQqQCNA7P8gDUhitOKqH59ybA>