[ale] 300,000 failed login attempts in 6 months!!!
Mike Harrison
meuon at geeklabs.com
Tue Aug 19 19:05:15 EDT 2008
>> Save yourself some trouble and run SSHD on a non-standard port.
>
> I keep seeing this said over and over again, and I keep wondering: Are
> the attackers _really_ that stupid? Wouldn't a simple portscan prior to
> attempting to attack get rid of any benefit that this would provide?
Like I said before, it's not any more secure,
it just cuts down the background noise level.
A directed attack will scan you.. possibly over hours or weeks.
and knows a lot about your system.
A default SSH answers like this:
-----------------------------------
#telnet foo.com 6969
Trying 14.205.139.1...
Connected to foo.com
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6p1
-----------------------------------
Pretty easy to find a simply moved SSH port.
But it WILL cut down the background noise of various stupid
scanner bots knocking on your doors.
More information about the Ale
mailing list