[arm-allstar] SSHD attacks
Brad Trogdon
Brad at trogdon.org
Sat Jan 9 10:55:18 EST 2021
Thanks for the tip! A little more digging I did see that that note was a
focus. This one is non standard but somehow got found. :/
The filter helper you referenced how can I find info on that puppy? And
what started my looking is all of a sudden all my Reverse SSH connections
are failing. Love the hobby keeps me with things to do and investigate.
-Brad
On Sat, Jan 9, 2021 at 10:48 AM David McGough <kb4fxc at inttek.net> wrote:
>
> Brad,
>
> I recommend changing the ssh server to use a non-standard port and then
> adding some iptables filtering to limit excessive connections. I wrote a
> small filter helper in C (hvutmptail program), which is very lightweight.
>
> I don't recommend running fail2ban on an RPi system, since fail2ban itself
> can be a resource hog.
>
> 73, David KB4FXC
>
>
> On Sat, 9 Jan 2021, "Brad Trogdon via ARM-allstar" wrote:
>
> > Howdy all, Looking through the threads I don't see a direct answer.
> >
> > I am getting pounded by login attempts and have turned off the port. My
> > question is should I set up fail2ban or Sshguard to discourage open
> > hammering? Is there anything included in the HamVoIP image that I could
> > take advantage of?
> >
> > -Brad W4INT
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> >
>
>
More information about the ARM-allstar
mailing list