[arch-general] HTTP spam from China

Ralph Corderoy ralph at inputplus.co.uk
Tue Feb 26 16:40:10 UTC 2019


Hi Juha,

> > It's why I keep my SSH servers on a non-standard port. I know it
> > doesn't prevent someone from discovering it, but it cuts out 99.99%
> > of all those attacks, being able to filter out connection attempts
> > to port 22
>
> Same. For easy ports to remember, I like to combine powers of two
> (e.g.  25664 (256-64) or 25632). Easy to remember and non-standard.

I go for $RANDOM that's five digits and a valid port number.
To avoid remembering it, I add it to ~/.ssh/config, e.g.
`ssh foo' with

    Host foo
    Hostname foo.bar.xyzzy.com
    Port 16747

-- 
Cheers, Ralph.


More information about the arch-general mailing list