[Box-Admins] Change ssh port?
Ken Causey
ken at kencausey.com
Thu Feb 20 18:04:38 UTC 2014
On 02/20/2014 11:36 AM, Levente Uzonyi wrote:
> On Thu, 20 Feb 2014, Tobias Pape wrote:
>
>> On 20.02.2014, at 18:12, Ken Causey <ken at kencausey.com> wrote:
>>
>>> What does the group think of changing the port that sshd listens on
>>> for connections? Yes, I know this is a sort of security by obscurity
>>> and is entirely pointless if you are being targeted. But we aren't
>>> being targeted yet the net is just full of drive-by connection
>>> attempts these days.
>>>
>>> On a server I administer for a customer I used to get log reports of
>>> hundreds and even thousands of the attempted ssh connections each and
>>> every day. I got tired of the noise and moved sshd to another port.
>>> It has been years now and there has not been a single ssh connection
>>> attempt from anyone other than me since I made the change.
>>>
>>
>> Please just install fail2ban
>> I am using this for years and it is indispensable.
>> It analyzes the ssh fail logs and auto-bans offending ip's for 10 minutes
>> this is typically enough to stop script kiddies from trying further.
>
> It doesn't get rid of the noise from the logs.
>
>
> Levente
I'm not too worried about the noise issue, I just ignore it right now
anyway. I haven't looked at it yet but I've put fail2ban as well as
Cees' suggestion on my list to consider.
Ken
More information about the Box-Admins
mailing list