Thousands of ssh probes
Randal L. Schwartz
merlyn at stonehenge.com
Fri Mar 5 15:52:23 UTC 2010
>>>>> "John" == John <john at starfire.mn.org> writes:
John> Yes - that's exactly what I used to do, and exactly why I used to do
John> it, but now I'm thinking of actually implement https.
Rent more than one IP. :) I have a block of 8 for exactly that reason.
It allows me to run sshd on 443 *and* https on a different 443,
and a mailer on one 25 and a high-mx mail spamtrap on another port 25.
stonehenge.com mail is handled by 5 blue.stonehenge.com.
stonehenge.com mail is handled by 666 spamtrap.stonehenge.com.
The spamtrap is a shiny object for spam, and anything that goes there gets
blocked for an hour from hitting the low port. I presented this at a
conference once.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
More information about the freebsd-questions
mailing list