[geeks] SSH Scans Increasing
Dan Duncan
danduncan at gmail.com
Thu Aug 21 18:45:49 CDT 2008
On Thu, Aug 21, 2008 at 10:20 AM, Joshua Boyd <jdboyd at jdboyd.net> wrote:
> Wouldn't it be a bit simpler to just run ssh on 2 ports, 22 with a
> whitelist and something else without, rather than port knocking?
This doesn't trim your logs though.
I'm running port knocking implemented entirely in my iptables firewall
AND a whitelist of IP addresses/blocks also implemented entirely in
the firewall with ssh only running on port 22. Addresses in the
whitelist don't need to knock.
--
Dan Duncan
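
Added example, not part of the message above and not the author's actual firewall: one way to build the setup it describes (sshd on port 22 only, a source whitelist that skips the knock, everything else silently dropped so sshd never logs it). It assumes a two-port knock tracked with the iptables `recent` match; the knock ports 7001/7002, the list names KNOCK1 and SSH_OK, the time windows and the whitelisted addresses are all constructed.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset: whitelisted sources reach sshd directly,
# everyone else must knock first. Ports, list names and windows are assumptions.

is_num() {  # true for an integer in 1..65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# usage: knock_ruleset KNOCK1_PORT KNOCK2_PORT OPEN_SECONDS [WHITELIST_CIDR ...]
knock_ruleset() {
    is_num "$1" && is_num "$2" && is_num "$3" || { echo "bad argument" >&2; return 1; }
    [ "$1" -ne 22 ] && [ "$2" -ne 22 ] && [ "$1" -ne "$2" ] || {
        echo "knock ports must differ and must not be 22" >&2; return 1; }
    k1=$1 k2=$2 open=$3
    shift 3
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:KNOCKED - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # Whitelisted sources never need to knock.
    for cidr in "$@"; do
        echo "-A INPUT -s $cidr -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Others: port 22 opens for $open seconds after knock 1 then knock 2 (within
    # 10 s). Unknocked SYNs hit the DROP policy, so sshd never sees or logs them.
    cat <<EOF
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --rcheck --seconds $open --name SSH_OK -j ACCEPT
-A INPUT -p tcp --dport $k1 -m recent --set --name KNOCK1 -j DROP
-A INPUT -p tcp --dport $k2 -m recent --rcheck --seconds 10 --name KNOCK1 -j KNOCKED
-A KNOCKED -m recent --remove --name KNOCK1
-A KNOCKED -m recent --set --name SSH_OK -j DROP
COMMIT
EOF
}

# Constructed sample values (documentation address ranges).
knock_ruleset 7001 7002 30 192.0.2.0/24 198.51.100.7
```

Piping the output through `iptables-restore --test` parses the ruleset without committing it. Established sessions stay up after the SSH_OK window expires because of the conntrack rule near the top.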