On Tuesday 05 April 2011 11:27:49 Rudi Ahlers wrote:
On Tue, Apr 5, 2011 at 10:17 AM, John Hodrien J.H.Hodrien@leeds.ac.uk wrote:
On Tue, 5 Apr 2011, rrichard@blythe.org wrote:
- Move sshd to another port, one higher than 5000
I'd have mixed feelings about the Wisdom of running on a non-reserved port.
Why,
We've been running SSH on hundreds of servers on a port higher than 5000 for years now and no problems at all.
I'm also running ssh on a non-standard port for more than 7 years, and this is on a couple of thousand servers. It's not a problem if you simply add 'Port XXX' to your ~/.ssh/config.
However, the traffic to ssh has been reduced by only 40%. In the beginning it was very good; we were surprised how almost all failed attempts disappeared. But in the following months that number increased and reached 60-65% of the original number.
Introducing Hawk helped us a lot. Tools like Hawk and fail2ban are quite useful; actually, only things like that have a good impact on the bruteforce attempts.
Regards, Marian Marinov