[nmglug] ssh attacks
Akkana Peck
akkana at shallowsky.com
Mon Aug 8 09:42:16 PDT 2022
John Osmon writes:
> Look into fail2ban -- it is on most linux distros I'm used to seeing.
> It may do something that helps your situation.
>
> Changing to another port does help cosmetically. (It also allows you to
> run something on a port that captive portals allow through -- say,
> 53...)
Both of those have helped on our server, though we still get plenty
of attacks. But if you run something like fail2ban, make sure you
have some sort of out-of-band option to get to the server in
emergencies: it's a real drag when due to some weird circumstance
you end up locked out of ssh to your own server.
...Akkana
More information about the nmglug
mailing list