[arm-allstar] NOTICE for user's with public ssh on port 222
David McGough
kb4fxc at inttek.net
Mon Mar 6 16:39:10 EST 2023
Hi Jeff,
I'll post more about this, I've got a very functional, tested and easy to
install solution which uses dynamic iptables/ipset blocklists.
In the meantime, the simplest mitigation technique is to use an obscure
ssh port for connections. Don't use any port ending in "22"!! So, perhaps
try port 3491, 61726, 48711, 9843, etc. But, NOT 2222, 3422, 6522, etc.
While many will not recommend this simple strategy since it's not
foolproof, in my experience this will stop 99%+ of the attacks.
You can change the ssh port used admin menu option #8, or directly modify
the sshd config file here: /etc/ssh/sshd_config ....Look for the "Port"
parameter near the top of the file.
73, David K4FXC
On Mon, 6 Mar 2023, Jeff Jurenka via ARM-allstar wrote:
> Where did this part of the project get to?
It seems that my private node has become all the rage in India for
attacking. I am receiving about 600 attempts per hour right now and would
love to have my node do actual ALLSTARLINK stuff without the overhead of
hackers and their unaddressed dictionary attacks.
Thank you
Jeffrey
On Sun, Apr 5, 2020 at 7:38 PM "Al Beard via ARM-allstar" <
arm-allstar at hamvoip.org> wrote:
> Hi,
>
> This will get you the SSHD info to check:
>
> journalctl _COMM=sshd -n 1000 > sshd.log
>
> Fedora linux uses "systemd" but still creates most of the "standard"
> unix log files such that sys-admin's scripts will still mostly work.
>
> I've been using Fedora on ARM systems because they put quite an effort
> into supporting many many boards AND I could move the root (/) filesystem
> onto a real hard disk either USB or SATA (as in the Banana Pi) and have no
> and I mean NO SD card wear out problems.
> And, the kernel update process worked seamlessly. dnf -y upgrade
>
> My first Raspberry Pi version 1 with 256Mb ram would burn out an SD card
> in a day. Thus, with SATA disks everywhere I looked for a SoC with a SATA
> interface and found the Allwinner A20 chip on the Banana Pi board did.
>
> Alan VK2ZIW
>
> On Sun, 5 Apr 2020 17:31:47 -0700, \"Tony via ARM-allstar\" wrote
> > On 4/5/20 4:44 PM, "David McGough via ARM-allstar" wrote:
> > > ... I'll upload a copy of the code I'm using, if you'd like to
> experiment
> > > with it? This code will get wrapped into a package included in
> HamVoIP,
> > > ultimately.
> >
> > Is it essentially a Hamvoip-specific configuration for the fail2ban
> package?
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
>
> ---------------------------------------------------
> Alan Beard
>
> OpenWebMail 2.53
>
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
_______________________________________________
ARM-allstar mailing list
ARM-allstar at hamvoip.org
http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
More information about the ARM-allstar
mailing list