ssh

[TriRan]

haha i just noticed something sort of funny.. well it's funny now after the fact. i've already dealt with the situation but while setting up my server i had a long very long list of failed SSH attempts like 500 failed attempts in just one day. guess that goes to show you that you shouldn't use the default port for something like that lol

~ Mark

[CA3LE]

guess that goes to show you that you shouldn't use the default port for something like that lol

Yeah, it's always a good idea to change your SSH port. Once I started seeing hundreds of bruteforce attempts I quickly changed mine... haven't used port 22 since.

[TriRan]

yeah i had a few failed logins on ftp aswell they were really trying hard till i caught them and blocked all 4 of the ips used to do it

[dlewis23]

Changing the port is not actually the best solution because if anyone really wants to find out what port SSH is running on all they have to do is run a port scan to find it.

I have found the best solution is to actually bind SSH on one of the secondary IP's and do not use that IP for anything. Then they can port scan on the domain all they want and they will never find any SSH on that IP.

[TriRan]

yeah, that would do it too. however ipv4 ips are in short supply atm and are not the cheapest thing to add to a plan anymore

[dlewis23]

yeah, that would do it too. however ipv4 ips are in short supply atm and are not the cheapest thing to add to a plan anymore

Yea this would be of course if you had a few extra sitting around lol. Most VPS's now only give 1 IP but dedicated servers still get a few.