SSH and Telnet ports
Christopher Davis
loafier at gmail.com
Mon Dec 15 16:18:56 UTC 2008
On Mon, Dec 15, 2008 at 08:41:16AM +0100, Marco Bonetti wrote:
> Hi,
> there should be an ongoing "new" bruteforce attack against ssh, take a
> look at http://www.theregister.co.uk/2008/12/08/brute_force_ssh_attack/
> I don't see any reason, for now, on worrying about it. Use the programs
> already suggested on this list to ban hosts (which could cause some
> interesting side effects if you're denying connections between your relay
> and other tor nodes) or, simpler, move ssh on a non standard port. It's a
> bit of "security through obscurity" but, at least, it's greatly effective
> in cutting out script kiddies traffic (and leaving in only the more
> interested attackers :-P ).
>
Putting ssh on a wierd port does work well in my experience, and it
can be an alternative to solutions that introduce firewall rules
automatically in response to (perceived) abuse. Auotmated tools
may be risky if the administrator doesn't have direct access to the
console, etc.
--
Christopher Davis
More information about the tor-talk
mailing list