On Wed, Jul 12, 2017 at 3:10 PM, Jon LaBadie <jonfu@xxxxxxxxxx> wrote:
>> > It is not complicated finding SSH running on a different port using Nmap:
>>
>> That's true. It's also true that the vast majority of scriptkiddies don't
>> do that. Quite seriously, moving SSH off port 22 *will* and *does* drop
>> the vast majority of doorknob rattling.
>>
>> > Suggest adding something like Fail2Ban to slow down the password guess
>> > attempts against SSH.
>>
>> True. Not only that, but also adding DenyHosts.
>
> What are the benefits of running both?

DenyHosts and Fail2Ban do the same thing, with the latter able to protect
applications other than SSH from brute-force dictionary attacks by
limiting connection attempts. Fail2Ban uses IPTables, DenyHosts uses
hosts.deny. So, you should use one or the other. You can also use pure
IPTables with Port Knocking as another option.

Best,
Frank Pikelner
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
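The log-driven blocking that the message above attributes to both Fail2Ban and DenyHosts, as an added example that is not part of the original thread and is not either tool's own code. The log lines are constructed, the threshold and window values are assumptions, and the emitted iptables rule and hosts.deny entry are simplified forms of what each enforcement path looks like.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines using documentation address ranges, not real traffic.
SAMPLE_LOG = """\
Jul 12 15:10:01 host sshd[1001]: Failed password for root from 203.0.113.7 port 40001 ssh2
Jul 12 15:10:04 host sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Jul 12 15:10:09 host sshd[1003]: Failed password for root from 198.51.100.9 port 51000 ssh2
Jul 12 15:10:12 host sshd[1004]: Failed password for root from 203.0.113.7 port 40003 ssh2
Jul 12 15:10:30 host sshd[1005]: Accepted publickey for jon from 192.0.2.10 port 52000 ssh2
Jul 12 15:40:00 host sshd[1006]: Failed password for root from 198.51.100.9 port 51001 ssh2
Jul 12 15:40:05 host sshd[1007]: Failed password for root from 198.51.100.9 port 51002 ssh2
"""

# Anchored at line start and with a space-free user field, so text an attacker
# places in the username cannot be mistaken for the source address.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)

def find_offenders(log_text, max_retry=3, find_time=timedelta(minutes=10), year=2017):
    """Return IPs with at least max_retry failures inside a sliding find_time window."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in the window
    banned = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > find_time:
            window.popleft()      # old failures age out, so slow guessing stays under the bar
        if len(window) >= max_retry and m["ip"] not in banned:
            banned.append(m["ip"])
    return banned

def as_iptables(ip, port=22):
    """Packet-filter enforcement: the connection is dropped before sshd sees it."""
    return f"iptables -I INPUT -s {ip} -p tcp --dport {port} -j DROP"

def as_hosts_deny(ip):
    """TCP-wrappers enforcement: only works if sshd is built with libwrap support."""
    return f"sshd: {ip}"

if __name__ == "__main__":
    for offender in find_offenders(SAMPLE_LOG):
        print(as_iptables(offender), "|", as_hosts_deny(offender))
```

Both enforcement paths act on the same detection result, which is why running the two tools side by side adds no coverage; the second address in the sample also shows that attempts spaced wider than the window are never banned.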