Port knocking script/server for fedora?
Andy Blanchard
zocalo at gmail.com
Wed Nov 19 13:11:27 UTC 2014
The most effective thing I've found for preventing SSH attacks is
simply to listen on a different port. Yes, it's security by obscurity
so you should also deploy other counter measures, but if you choose
your non-standard port wisely you can avoid most, if not all, casual
attacks. Some tips:
Avoid obvious alternatives like 222 and 2222.
Don't use a port that is used for another popular service (80 would be *bad*!)
Ideally use a port below 1,024 as these can only be bound to by
daemons started as root.
So far, I've had exactly *one* kiddie stumble across my home server's
SSH port on a scan in several years, and that was only because they
did a brute force scan of every port below 1024 and a large number of
selected high ports. All to no avail as my IDS had already detected
the scan and denied the IP long before they reached any open ports.
--
Andy
The only person to have all his work done by Friday was Robinson Crusoe
More information about the users
mailing list