[BUGS] Constant SSH login spam

Sunnz sunnzy at gmail.com
Tue Feb 5 13:33:50 EST 2008


2008/2/5, Bernie Maier <bugs at lists.blurk.net>:
>
> > [...]  Then, when eventually work
> > tightened up its own policies and stated they would only allow SSH outbound
> > on port 22, I just set up a firewall rule to allow only work's IP address
> > to connect via port 22.
>
> So, from anywhere outside my (old) work location, I could SSH in on my
> non-standard port (which, as may have been mentioned, is completely
> transparent once you set up your personal, host-specific SSH config
> options), and from inside work I just used port 22 from that single IP
> address (well, a pair of IP addresses, actually).  But since port 22
> wasn't open to every script kiddie and their script dogs, I didn't get
> the login spam.
>
> Cheers,
>

But again, that assumes you are SSHing from a fixed IP range.

I personally run sshd on port 22 AND port 80 to maximise the chances
of being able to ssh back home from as many places as possible. So
rather than trying to avoid login spam by obscuring the port, I would
have to deal with it the proper way, by defending against it as is
rather than avoiding it.

And given the fact that I already have pf up and running, adding a
single-line rule isn't exactly rocket science.

-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

