|
|
Subscribe / Log in / New account

Dealing with automated SSH password-guessing

Dealing with automated SSH password-guessing

Posted Oct 26, 2016 22:07 UTC (Wed) by NightMonkey (subscriber, #23051)
In reply to: Dealing with automated SSH password-guessing by genaro
Parent article: Dealing with automated SSH password-guessing

Indeed. Netblock-to-Netblock variances in bot traffic can be substantial. The new assignee of the address or netblock gets the sad benefit of inheriting whatever the previous assignees 'attack surface' drew in.

Also, just one more vote here for moving away from known and common ports for administrative services. I think I said this on LWN many years ago, but it still is true for me that moving ports means that I can pay much greater attention to *directed* attacks on *my resources*, rather than just see a sea of dumb "wardialing" bots.

to post comments

Dealing with automated SSH password-guessing

Posted Nov 3, 2016 3:14 UTC (Thu) by Chipz (guest, #82248) [Link]

Personally, I have been surprised at how many (seemingly undirected) SSH attacks I receive on non-standard ports. Perhaps if SSH had some kind of "--dont-reveal-service" flag, it might help


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds