Submitted by Guaka on July 10, 2009 - 19:57
Sometimes wifi connections only allow connections to a limited range of ports. In Israel connections to ports over 1024 were seriously throttled. So I put the SSH server of one machine on port 22. When going through /var/log/auth last week I found many bots trying to enter with standard names. So I installed fail2ban, today I'm checking and everything is working fine. For your own safety you can set up IP addresses that can always come through. Merely putting sshd on a non-standard port seems to be a more adequate way to keep bots out. So the combination of fail2ban and a non-standard ssh port will be quite effective.