[PLUG] Denyhosts, Cracking Attempts, and Intensity
Quentin Hartman
qhartman at gmail.com
Fri Jun 5 15:31:29 UTC 2009
Just wanted to comment that the super-wimple way to avoid all this headache
is to run SSHD on a non-standard port. I never get scans like that on my
boxes which are on weird ports. To make connecting to the machines easy (and
to keep things like rsync and scp happy) and not have to remember a bunch of
command line switches, I put my "weird" port in my user's .ssh/config file
like this:
host *
Port 12345
And then if there are machines I connect to regularly that need different
settings I add entries like:
host someserver
User thatguy
Port 22
You can even setup automatic proxying (with netcat) and stuff:
host server_needs_a_proxy.domain.com
ProxyCommand ssh server_I_bounce_through.domain.com nc -w 1 %h 22
Anyway! a little OT, but I hope someone finds it useful.
QH
More information about the PLUG
mailing list