[arm-allstar] error log
Tony Ross
ynotssor at yahoo.com
Fri May 24 13:56:30 EDT 2019
On 5/18/19 11:34 PM, "Doug Crompton via ARM-allstar" wrote:
> Most of us only open the IAX port for incoming connections which is not a problem and the ssh port which is not a problem if you use strong passwords.
One of the repeater owners/operators that I support asked for help last
year, as he was having difficulties with ssh access on port 22. After
much difficulty myself I gained access and analyzed the log files. Usng
simple Linux command-line tools I could see that his port 22 had
encountered over 3.7 /*million*/ root attempts in 48 hours from a block
of 7 IP addresses in APNIC Asia Pacific somewhere), essentially
crippling the machine with denial of service. His root password was
strong enough that access was not gained, however.
I changed the ssh port to something else (e.g. 41022) and the problem
was gone. Using port 22 for ssh is an open invitation to the world to
try and gain ssh access.
More information about the ARM-allstar
mailing list