Re: [Hampshire] confused ssh newbie

Author: Peter Andrijeczko
Date:  
To: lug, Hampshire LUG Discussion List
Subject: Re: [Hampshire] confused ssh newbie
Vic

Agreed, and the bot-driven brute force attempts are harmless enough if
you're not using password authentication.

But I take a "run silent run deep" attitude in that I want to reveal as
little information as possible about what I'm running on my home network
because I never know if some human isn't going to look through those bot
logs and try to manually break into my systems - the less information that
human has about my network, the more difficult a task he/she has of getting
in.

There are other things you can do that help - I can't remember the application
names because I don't use them but there are daemon applications that
monitor for brute force attempts and if, say, more than 10 come from a
particular IP address within the space of a minute, they can block that IP
address temporarily or permanently by using TCP Wrappers or an iptables
firewall rule.

There's even a port knocking application that will wait to see incoming
requests on two or more pre-agreed ports and if the knocks on those ports
are in the correct order, it will open up the SSH server for you to access.

--Peter

On 22 June 2011 09:01, Vic <lug@???> wrote:

>
> > What I tend to do (when it works despite bugs in the BT Home Hub firmware)
> > is link the incoming port number to the static IP address on my internal
> > network
>
> What I do is to run my external SSH daemon configured to accept key-based
> logins only.
>
> I run it on port 22. I get *thousands* of attempted logins. But mine are
> the only ones that succeed :-)
>
> Vic.
>
>
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------
>
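The "more than 10 failures from one address within a minute" rule Peter describes (the job tools such as fail2ban do) is small enough to show in full. The following is an added example, not code from the thread or from any of those tools: it parses syslog-style sshd lines, keeps a sliding one-minute window per source address, and renders both enforcement styles mentioned, a TCP Wrappers hosts.deny entry and an iptables rule. The log lines, hostnames and addresses are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Matches the classic syslog sshd failure lines; accepted logins do not match.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed (?:password|publickey) for (?:invalid user )?\S+ from (?P<ip>[\d.]+)"
)

def sshd_brute_force_sources(lines, threshold=10, window_s=60, year=2011):
    """Return {ip: timestamp} for addresses that reach `threshold` failed
    logins inside any sliding window of `window_s` seconds (first hit only)."""
    recent = defaultdict(deque)   # per-IP timestamps still inside the window
    flagged = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # not a failed login: ignore
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()           # drop failures older than the window
        if len(q) >= threshold and m["ip"] not in flagged:
            flagged[m["ip"]] = m["ts"]
    return flagged

def block_rules(flagged):
    """One (hosts.deny line, iptables command) pair per flagged address."""
    return [(f"sshd: {ip}", f"iptables -I INPUT -s {ip} -p tcp --dport 22 -j DROP")
            for ip in sorted(flagged)]

def constructed_log():
    # Constructed sample, not real logs: a fast bot, a slow bot, one good login.
    fmt = "Jun 22 09:{:02d}:{:02d} gw sshd[{}]: {}"
    lines = [fmt.format(0, s, 2000 + s,
             f"Failed password for invalid user admin from 203.0.113.7 port {40000 + s} ssh2")
             for s in range(1, 13)]            # 12 failures in 12 seconds
    lines += [fmt.format(m, 0, 3000 + m,
              f"Failed password for root from 198.51.100.9 port {41000 + m} ssh2")
              for m in range(0, 12)]           # one failure per minute: never 10/minute
    lines.append(fmt.format(5, 30, 4000, "Accepted publickey for vic from 192.0.2.10 port 50000 ssh2"))
    return sorted(lines)                       # syslog order is chronological

if __name__ == "__main__":
    for deny, ipt in block_rules(sshd_brute_force_sources(constructed_log())):
        print(deny, "|", ipt)
```

Only the fast bot is blocked; the slow bot stays under the rate and the key-based login is never counted, which is why this rule is safe to run alongside Vic's key-only setup.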