[Freedombox-discuss] sshd on non-standard port?
Quoting Sunil Mohan Adapa (2017-03-16 06:05:25)
> On Thursday 16 March 2017 01:46 AM, Daddy wrote:
>> I have the same experience - I'm using freedombox as (internet exposed)
>> router, and I get several root login ssh attempts from various ip
>> addresses every few seconds.
>> I've installed fail2ban, but as pam-abl is present, that was probably an
> Fail2ban is a good choice in this case because we wish to stop attempts
> from happening (and logs from filling up). Fail2ban actively
> discourages an adversary by blocking their packet traffic which
> libpam-abl does not. Fail2ban also has the infrastructure for making
> web based login attempts harder.
> There have been previous discussions about adding fail2ban to
> FreedomBox by default. I opened new issues to implement this
> fail2ban for SSH and Plinth. If someone is interested they can
> pick it up (slightly more than 'beginner' level difficulty).
pam-abl is more resource-efficient and arguably less brittle than
fail2ban, as it hooks into the login process itself whereas fail2ban
relies on parsing logfiles (which especially under attack can grow large).
pam-abl can be configured to block network traffic altogether - from a
quick search for "pam-abl iptables":
> 1) https://github.com/freedombox/Plinth/issues/759
> 2) https://github.com/freedombox/Plinth/issues/760
Can we please track Freedombox issues at our Debian bugtracker?
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private