[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SSH and Telnet ports

On Mon, Dec 15, 2008 at 08:41:16AM +0100, Marco Bonetti wrote:
> Hi,
> there should be an ongoing "new" bruteforce attack against ssh, take a
> look at http://www.theregister.co.uk/2008/12/08/brute_force_ssh_attack/
> I don't see any reason, for now, on worrying about it. Use the programs
> already suggested on this list to ban hosts (which could cause some
> interesting side effects if you're denying connections between your relay
> and other tor nodes) or, simpler, move ssh on a non standard port. It's a
> bit of "security through obscurity" but, at least, it's greatly effective
> in cutting out script kiddies traffic (and leaving in only the more
> interested attackers :-P ).

Putting ssh on a wierd port does work well in my experience, and it 
can be an alternative to solutions that introduce firewall rules
automatically in response to (perceived) abuse. Auotmated tools
may be risky if the administrator doesn't have direct access to the 
console, etc.

Christopher Davis