Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
RE: [suse-security] Openssh + security
> now I am a sada guy, with no IP?s to have some fun..
> (yes, I do usually do something with who attacks me, have even made a
> software to serch the logs and log all unique IP?s, and login attempts
into a mysql table...)

I don't allow password based login into my machines, so these attacks pose
no threat.
But if you make your ssh daemon listen above port 32000, chances are 90% 0f
port scanners will not bother to search that high so the real threats are
further marginalised.

As for logging IP's to have "fun" as you call it.
You can use your firewall logs to check who is trying to connect to port 22.

All of your legitimate users will know about the change, so the ONLY people
connecting to port 22 will be people who have no right to be on the
machines.
So you can still have "fun".

By the way, how much fun is it trying to sift through files, call ISP's, lay
complaints.

Does Brazil have a nice mechanism to do this with with good support from the
ISP's?

B
< Previous Next >
References