Saw one reply this morning about changing SSH to a different port. Not sure why people go changing their SSH port from 22 to something else, does not achieve anything, might just make you feel more secure. Go read about security through obscurity. If someone thinks you are hiding something you give them reason to go digging deeper looking for it.
All my SSH runs on port 22 across 9 different servers. They are all accessed using non password logins using certificates. They all run Fail2ban and all attackers get perma-banned. One attack of 3 attempts and it goes into recidive forever with the bantime set to -1and also gets reported to bad IP’s.com. In addition I run a daily cron which download sets of IP’s from BADips.com and generates a hosts.deny file on every server which keeps out 99% and then the other 1% are caught and reported to badips.com which strengthens the badips.com defense system too. You can get that script from here - https://github.com/mitchellkrogza/fail2ban-useful-scripts Be harsh with recidive when it comes to SSH if anyone but you is trying to connect to your SSH port they are sniffing and up to no good, block them out and be done with them. KR Mitchell From: Nick Howitt <[email protected]> Date: 09 September 2016 at 8:07:41 AM To: Grant <[email protected]>, [email protected] <[email protected]> Subject: Re: [Fail2ban-users] Persistent ssh bots Shut the WAN SSH port completely then use OpenVPN to get on to your LAN and access SSH as if you are connected to the LAN. On 08/09/2016 22:15, Grant wrote: What do you guys do about ssh bots that are repeatedly banned every 10 minutes? - Grant ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
