[colug-432] SSH
Richard Hornsby
richardjhornsby at gmail.com
Wed Mar 9 22:32:26 EST 2011
>
> I had to change the SSH port on my publicly facing machines because I
> was getting hammered by script kiddies trying every weak password in
> the book. They might have never gotten in, but I didn't want to take
> that chance. Annoying. So now I have to specify my non-standard
> port. I hate it. There are other ways to defend. I may use one or
> more of them in the future (eg: maybe port knocking).
I thought there was a way to increasingly slow down multiple failed attempts from the same connection, but I'm not seeing it in the sshd_config manpage. Maybe xinetd could possibly do this? Even small delays can help make it not worth it.
-rj
More information about the colug-432
mailing list