Re: [OT] Is it possible to hide the ip in ssh connection
On Tuesday 21,August,2012 07:48 PM, Eike Lantzsch wrote:
> On Monday 20 August 2012 09:59:47 lina wrote:
>> Hi,
>>
>> I ssh to a server which has 400+ users, active ones around 100.
>>
>> Frankly speaking, I would feel comfortable to hide my IP if possible,
>>
>> any suggestions (I checked the spoof, but seems not positive),
>>
>> Thanks with best regards,
>
> Hi lina!
>
> I followed the thread and I wonder why nobody recommended to change sshd to
> listen on any other port than 22, e.g. 2424. That will calm down most attacks
> / probing of ssh.
That's very nice of you, I guess default many people had already changed
that port, and they thought I would have realized that earlier it's one
way of facing it.
Well, I just made the change to the sshd_config to some other port and
also changed the iptables.
> Also I wondered why nobody recommended to install DenyHosts?
will install it.
> I installed it on my OpenBSD gateway and it is quite funny to see which
> usernames and passwords are tried to get into the box.
> That was with sshd still listening on port 22. Now that it is on another port
> there were no probes whatever for about a year. Stupid hacking!
>
> Of course you need to inform your ssh users of the change. If the same
> machines on your own network still attack ssh than it should be easy to figure
> out which machine is doing that by looking at the MAC-address.
quite interesting, how can I know its MAC address.
Today I sent the email to administrator, here quote what he answered
me:"Do you wish to change password just to be sure? Once you change, you
let me know, I'll rsync all the password file. It could be a robot."
"
So I think it's better not bother him much. he didn't talk the questions
I asked and he referred that I should change password of those servers.
Best regards, and also thanks all for your time and valuable suggestions,
>
> Kind regards,
> Eike
>
>
Reply to: