fail2ban and sshd on non-standard port

Submitted by Kasper Souren on July 10, 2009 - 18:57
Sometimes wifi connections only allow connections to a limited range of ports. In Israel connections to ports over 1024 were seriously throttled. So I put the SSH server of one machine on port 22. When going through /var/log/auth last week I found many bots trying to enter with standard names. So I installed fail2ban, today I'm checking and everything is working fine. For your own safety you can set up IP addresses that can always come through. Merely putting sshd on a non-standard port seems to be a more adequate way to keep bots out. So the combination of fail2ban and a non-standard ssh port will be quite effective.
2sr3ipuwcm

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.