Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wednesday, 2021-03-03 at 08:04 -0800, Lew Wolfgang wrote:
On 3/3/21 3:52 AM, Carlos E. R. wrote:
Mitigations for the future:
- Don't open ssh port 22, use a high port on a strange number (not 50000, for instance).
Changing ports might help a bit, but dedicated hackers can discover moved ports easily.
Absolutely. It is only a matter of time.
They have not found mine... :-)
How are you so sure? Maybe they're using an nmap "stealth" scan and know about your open ports? Maybe they just haven't tried to connect yet?
Because an ssh attempt is logged.
Maybe re-read what Lew wrote :-)
The only strange entries are some like this:
<4.6> 2020-03-07T09:39:57.547577+01:00 Isengard sshd 6958 - - Bad protocol version identification '\003' from 45.148.121.4 port 63970 [snip]
Someone knows about an open port. -- Per Jessen, Zürich (8.2°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland.