Re: ssh doesn't work.
On Wed, 7 Dec 2016 15:54:46 -0500
Henning Follmann <hfollmann@itcfollmann.com> wrote:
> On Wed, Dec 07, 2016 at 11:28:53PM +0300, Reco wrote:
> > Hi.
> >
> > On Wed, 7 Dec 2016 21:14:51 +0200
> > Antti Talsta <atalsta@nothingtosee.org> wrote:
> >
> > > On Wed, Dec 07, 2016 at 01:49:34PM -0500, Greg Wooledge wrote:
> > >
> > > > Changing the port at least decreases the number of brute force attacks
> > > > against you, which saves resources (bandwidth, CPU) that are otherwise
> > > > wasted by the attackers.
> > >
> > > How about fail2ban for that?
> >
> > How fail2ban can help against an army of bots trying one single
> > password per bot?
> >
> That actually works well. Usually it's multiple attempts from one ip.
> fail2ban catches exactly that. And then blacklists that ip.
Probably it is so. It's been awhile since I ran publicly accessible
sshd on port 22 with password authentication enabled.
Personally I prefer a bunch of simple iptables rules to fail2ban
though. After all, why bother running a userspace tool, if you can
force the kernel itself to do the job?
Reco
Reply to: