Re: [CentOS] SSH attacks from china

24 Jul 2009


      Andreas Rogge wrote:
...
Am Donnerstag, den 23.07.2009, 19:45 +0100 schrieb Miguel Medalha:
...
I moved the ssh port from the standard 22 to a high port. The attempts 
to break into my servers disappeared. The logs are clean now. I would 
advise you to do the same. Choose a high (> 1024) unused port and 
configure the clients accordingly.
*cough*
A port > 1024 for SSH? Actually that means that if your sshd dies every
normal user can start to listen on that port with watever they want.
Of course, there is still the host key. However, AFAICT most normal
users just ignore host key changes...
I just do a portforward on the firewall to achieve that -> port 12345 on
the fw goes to 22 on the host :)
Cheers,
Ralph

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] SSH attacks from china