Skip to content

re: Hello, Worm!: Mapping SSH probes with a bash script VIEW POST

re: I run fail2ban on any internet-facing systems I'm responsible for. This article mad me curious, so I did a quick scan of my failed logins log (on m...

As much as I dislike "Security by obscurity", there's something to be said for having SSH listening on a non-standard port. My lastb output contains zero failed logins, and the last output shows only expected entries.

I do have various other mechanisms in place to secure SSH, I'm not relying on the non-standard port, but it certainly cuts down the crap.


Unfortunately, as a consultant, I initiate connections from a wide variety of locations. Some of those locations block "weird" ports. So, moving to non-default port is generally not an option for me.

code of conduct - report abuse