On 04/07/2019 12:52 PM, caioau wrote:
Hi, I been running a relay for almost 1,5 year, and in the beginning I didn't change the default 22 ssh port but a lot of people were trying to login , no worries I only allow public key authentication.
So I was wondering if I could record the attacks, so I find this https://haas.nic.cz/ service and I'm running on my relay, is it a good idea?
Thanks
Sent with ProtonMail Secure Email.
There's also endlessh:
| Endlessh is an "SSH tarpit that very slowly sends an endless, | random SSH banner. It keeps SSH clients locked up for hours or | even days at a time. The purpose is to put your real SSH server | on another port and then let the script kiddies get stuck in | this tarpit instead of bothering a real server.