[Cialug] denyhosts logging LOTS of attacks

Dave Crouse crouse at usalug.net
Tue May 13 12:16:51 CDT 2008


I never run ssh on the standard port 22 anymore..... changing the port
number alone will significantly reduce the number of logged attacks.

Dave Crouse




On Tue, May 13, 2008 at 11:49 AM, Kendall Bailey <krbailey at gmail.com> wrote:

> I run an SSH server on port 22 as my only public service.  I run the
> denyhosts daemon to protect against dictionary attacks and lock down
> SSH pretty thoroughly in other regards, but still allow connection
> from any host otherwise.  The last few days I've seen hundreds of
> hosts logged by denyhosts.  Anyone know why random dictionary attacks
> might be spiking?  Is it widespread?  I'm considering closing that
> port for a while.
>
> Thanks.
> Kendall
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20080513/7e5aa8b2/attachment.html


More information about the Cialug mailing list