Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
sltkr
on June 2, 2023
|
parent
|
context
|
favorite
| on:
Brute.Fail: Watch brute force attacks fail in real...
That seems like overkill. I just disable password authentication, and use SSH public keys only. It prevents brute force attacks completely.
ravi-delia
on June 3, 2023
|
next
[–]
It's not for security, it's public service and entertainment
BrandoElFollito
on June 2, 2023
|
prev
[–]
This, and move the endpoint on an uninteresting port to lower the noise in the logs
NoZebra120vClip
on June 2, 2023
|
parent
|
next
[–]
I suppose it may do that, but naïvely switching to an alternate port may lull one into a false sense of security:
https://utcc.utoronto.ca/~cks/space/blog/sysadmin/SSHAltPort...
Shodan will find and fingerprint you easily enough.
michaelcampbell
on June 3, 2023
|
root
|
parent
|
next
[–]
In theory. I have a server running on a weird port, but with fail2ban just in case. I haven't had even a blip of an attempt on it.
KMag
on June 2, 2023
|
parent
|
prev
[–]
... and avoid automated attacks in case a 0-day in the pre-authentication OpenSSH server code shows up
hsbauauvhabzb
on June 2, 2023
|
root
|
parent
[–]
If there’s a preauth RCE in ssh, I’m sure threat actors will start scanning non default ports once their hornets have hit critical mass.
Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
