SSH Brute Force attempts
Dag-Erling Smørgrav
des at des.no
Tue Sep 30 10:00:07 UTC 2008
Oliver Fromme <olli at lurza.secnetix.de> writes:
> If you're merely annoyed about the large amount of logging entries
> caused by the break-in attempts, a good solution is to move the sshd
> service from the standard port 22 to a different, non-standard port
The best choice is 443, as many corporate firewalls, especially "guest"
wifi networks, block all but a few ports (usually 22, 80 and 443, and
sometimes 25).
There are other, more complicated tricks you can play; for instance, you
could set up a web server on the box, and configure it to tunnel SSH
using the HTTP Upgrade header; this would require modifications to both
ssh (to send the initial HTTP request) and sshd (to take over the
connection from the web server).
DES
--
Dag-Erling Smørgrav - des at des.no
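
The HTTP Upgrade handshake described in the message above, sketched as an added example (not code from the post, OpenSSH, or any web server). The `ssh` upgrade token and all function names are hypothetical, and handing the socket over to sshd is only indicated by a returned flag.

```python
UPGRADE_TOKEN = "ssh"  # hypothetical token; not a registered Upgrade protocol name

def build_upgrade_request(host, path="/"):
    """Client side: the initial HTTP request a modified ssh would send."""
    return (f"GET {path} HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            "Connection: Upgrade\r\n"
            f"Upgrade: {UPGRADE_TOKEN}\r\n\r\n").encode("ascii")

def parse_headers(raw):
    """Split a request head into (request_line, {lowercased name: value})."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def tokens(value):
    """Comma-separated header value -> set of lowercased tokens."""
    return {t.strip().lower() for t in value.split(",")}

def handle_request(raw):
    """Server side: return (response_bytes, hand_over_to_sshd)."""
    request_line, headers = parse_headers(raw)
    parts = request_line.split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n", False
    wants_upgrade = ("upgrade" in tokens(headers.get("connection", ""))
                     and UPGRADE_TOKEN in tokens(headers.get("upgrade", "")))
    if parts[2] == "HTTP/1.1" and wants_upgrade:
        # After this response the byte stream belongs to sshd, which begins
        # with its usual "SSH-2.0-..." identification string.
        return (b"HTTP/1.1 101 Switching Protocols\r\nConnection: Upgrade\r\n"
                + f"Upgrade: {UPGRADE_TOKEN}\r\n\r\n".encode("ascii")), True
    # Anything else is ordinary web traffic and stays with the web server.
    return b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n", False
```

Scanners that open the port and wait for an SSH banner, or send an SSH identification string directly, never reach sshd in this arrangement; only a client that sends the upgrade request first does.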