Port knocking script/server for fedora?

Andy Blanchard zocalo at gmail.com
Wed Nov 19 13:11:27 UTC 2014

The most effective thing I've found for preventing SSH attacks is
simply to listen on a different port.  Yes, it's security by obscurity
so you should also deploy other countermeasures, but if you choose
your non-standard port wisely you can avoid most, if not all, casual
attacks.  Some tips:

Avoid obvious alternatives like 222 and 2222.
Don't use a port that is used for another popular service (80 would be *bad*!)
Ideally use a port below 1,024 as these can only be bound to by
daemons started as root.

So far, I've had exactly *one* kiddie stumble across my home server's
SSH port on a scan in several years, and that was only because they
did a brute force scan of every port below 1024 and a large number of
selected high ports.  All to no avail as my IDS had already detected
the scan and denied the IP long before they reached any open ports.


The only person to have all his work done by Friday was Robinson Crusoe
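
Added example, not part of the message above: a small checker that applies the three port-selection tips to candidate sshd ports. The services excerpt is constructed sample data in /etc/services format, and the function names are hypothetical.

```python
import re

# Constructed excerpt in /etc/services format (sample data, not from a real host).
SAMPLE_SERVICES = """\
# service-name  port/protocol  [aliases]
ssh             22/tcp
smtp            25/tcp          mail
http            80/tcp          www
https           443/tcp
rsync           873/tcp
"""

OBVIOUS_ALTERNATIVES = {222, 2222}  # the two examples named in the post
PRIVILEGED_LIMIT = 1024             # the post prefers ports below this


def parse_services(text):
    """Return {port: service_name} for the TCP entries in /etc/services text."""
    assigned = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        m = re.match(r"(\S+)\s+(\d+)/tcp\b", line)
        if m:
            assigned.setdefault(int(m.group(2)), m.group(1))
    return assigned


def check_port(port, assigned):
    """Return the objections to using `port` for sshd; an empty list means it passes."""
    if not 1 <= port <= 65535:
        return ["not a valid TCP port"]
    problems = []
    if port in OBVIOUS_ALTERNATIVES:
        problems.append("obvious alternative to 22")
    if port in assigned:
        problems.append(f"assigned to {assigned[port]}")
    if port >= PRIVILEGED_LIMIT:
        problems.append("not a privileged port (any user can bind it)")
    return problems


if __name__ == "__main__":
    assigned = parse_services(SAMPLE_SERVICES)
    for candidate in (22, 80, 222, 2222, 8022, 614):
        print(candidate, check_port(candidate, assigned) or "ok")
```

To check against a real host, pass the contents of its /etc/services file to parse_services() instead of the sample.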
