Mailinglist Archive: opensuse (1570 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: "David C. Rankin" <drankinatty@xxxxxxxxxxxxxxxxxx>
  • Date: Sun, 4 Oct 2009 03:06:22 -0500
  • Message-id: <200910040306.23572.drankinatty@xxxxxxxxxxxxxxxxxx>
On Sunday 04 October 2009 02:16:32 am Hans Witvliet wrote:
On Sat, 2009-10-03 at 19:28 -0500, David C. Rankin wrote:
Have you moved ssh to a high port yet? If you do, all noise on your ssh
port will cease. Worth its weight in gold!

Untill they do a full nmap, and decide that if it's a unix machine and
port-22 is not there, it might be worthwhile scanning port 2222 or so..

It's what my cert-team calls: "security through obscurity"


But unless someone is targeting YOU, all the script kiddie nonsense on
22 will be completely eliminated. I have two hosts that sit exposed on the net
and about 1.5 years ago, I got fed up with all the crack attempts I would
receive against port 22 (300 - 3000+ per day, EVERY day). Since moving ssh to
a high port, I have had ZERO crack attempts.

300 to 3000+ attempts PER DAY --> down to ZERO in a year-and-a-half.

(Like I said --> Worth its weight in gold ;-)

David C. Rankin, J.D.,P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >