[NCLUG] iptables ssh protection, but with Linksys WRT54G DD-WRT?

Bob Proulx bob at proulx.com
Sun Apr 16 16:52:51 MDT 2006


Sean Reifschneider wrote:
> Jeffrey D. Means wrote:
> >without password access, PKI only for logins along with changing my port
> >to 2600.  Hope this helps someone a little.
> 
> Moving the port was something I brought up on Tuesday at the meeting,
> because I've been doing it since the mid-'90s.  It's easy enough to
> port-scan for SSH since it pushes out the banner, but moving it to a
> different port has prevented most of the current noise related to password
> cracking attacks.

I guess I will continue to face the teeth of the storm and keep my ssh
port at the standard and well known location.  I don't believe the
noise in the log files is enough reason to hide on another port.  You
could always scrape out the noise before looking at the log file.
(shrug)

It is a shame that the anonymity of the internet allows what are
mostly script kiddies to get away with trying to lift the windows with
a pry bar.  If it were physically your house you would be able to
identify them and they would not be able to do this.  At least not
routinely.  Someone would eventually shoot them and leave the remains
as a warning to others. :-) But on the net we have been unable to
prevent the abuse.

Bob


