Re: Connection closed by [IP] port [port] [preauth]
deloptes wrote:
> +1 :( and I am not using standard port 22, so they scanned all 30000 ports
> and found out what is open (well filtered) and now are trying to do brute
> force on SSH. Others are trying to exploit apache/php & Co.
I'm using portsentry against this:
https://packages.debian.org/buster/portsentry
Let it sniff on some unused ports, like 445, 69, 8181, 5353, or 22. :-)
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
But beware to have a whitelisted IP address active. I locked myslef out,
after switching to a different computer, like fresh a installed Linux. :-)
Regards,
Klaus.
--
Klaus Singvogel
GnuPG-Key-ID: 1024R/5068792D 1994-06-27
Reply to: