[arm-allstar] SSHD attacks
Danny K5CG
k5cg at hamoperator.org
Sat Jan 9 18:24:52 EST 2021
Or you could disable access to ssh (at the firewall) and use another remote access method.
https://www.dwservice.net
Simple to install, simple to use, 2FA if you want it.
----- Original Message -----
> From: "David McGough via ARM-allstar" <arm-allstar at hamvoip.org>
> To: "Brad Trogdon via ARM-allstar" <arm-allstar at hamvoip.org>
> Cc: "David McGough" <kb4fxc at inttek.net>, "Brad Trogdon" <Brad at trogdon.org>
> Sent: Saturday, January 9, 2021 9:48:54 AM
> Subject: Re: [arm-allstar] SSHD attacks
> Brad,
>
> I recommend changing the ssh server to use a non-standard port and then
> adding some iptables filtering to limit excessive connections. I wrote a
> small filter helper in C (hvutmptail program), which is very lightweight.
>
> I don't recommend running fail2ban on an RPi system, since fail2ban itself
> can be a resource hog.
>
> 73, David KB4FXC
>
>
> On Sat, 9 Jan 2021, "Brad Trogdon via ARM-allstar" wrote:
>
>> Howdy all, Looking through the threads I don't see a direct answer.
>>
>> I am getting pounded by login attempts and have turned off the port. My
>> question is should I set up fail2ban or Sshguard to discourage open
>> hammering? Is there anything included in the HamVoIP image that I could
>> take advantage of?
>>
>> -Brad W4INT
>> _______________________________________________
>>
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>>
>
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
More information about the ARM-allstar
mailing list