[ILUG] Thanks: Breakins attempted - advice please
Gareth 'bigbro' Eason
bigbro at skynet.ie
Sun Aug 31 10:24:17 IST 2008
John Kinsella wrote:
> Security through obscurity is a good start (SSH Port # = 22 1/2) :-)
> The problem has "gone away".. for now.
>
> Thanks to all who replied,
[snip]
One thing to be aware of (for every silver lining has its cloud ;-) )
is that many firewall configurations allow port 22 through, since it's a
well known port for SSH - a highly used service. If you use a non
default port, you also run the risk of your traffic being blocked by an
over-zealous firewall despite the firewall admin's best efforts to allow
SSH through.
fail2ban is one of the many excellent methods of leaving SSH running on
its default port, but cutting down on the amount of log spam due to
brute force attacks.
Hope that helps.
Best regards,
-->Gar
More information about the ILUG
mailing list