[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Connection closed by [IP] port [port] [preauth]



deloptes wrote:
> +1 :( and I am not using standard port 22, so they scanned all 30000 ports
> and found out what is open (well filtered) and now are trying to do brute
> force on SSH. Others are trying to exploit apache/php & Co.

I'm using portsentry against this:
https://packages.debian.org/buster/portsentry

Let it sniff on some unused ports, like 445, 69, 8181, 5353, or 22. :-)

https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

But beware to have a whitelisted IP address active. I locked myslef out,
after switching to a different computer, like fresh a installed Linux. :-)

Regards,
	Klaus.
-- 
Klaus Singvogel
GnuPG-Key-ID: 1024R/5068792D  1994-06-27


Reply to: