SSH Password Gropers Are Now Trying High Ports 349
badger.foo writes "You thought you had successfully avoided the tiresome password guessing bots groping at your SSH service by moving the service to a non-standard port? It seems security by obscurity has lost the game once more. We're now seeing ssh bruteforce attempts hitting other ports too, Peter Hansteen writes in his latest column." For others keeping track, have you seen many such attempts?
Re:Low Hanging Fruit (Score:5, Funny)
You can brute force a key to....it just takes much, much, much, much longer....
Re:Low Hanging Fruit (Score:5, Funny)
I do security by antiquity (Score:5, Funny)
You see, I don't use SSH, I use plain old telnet. That's right! These kiddies never heard of it!
And if they actually get in, I have a few gigabytes of stories growing up that they have to read. Like the time I was growing up in Idaho. We wore onions on our belts because that was the style back then, Benny Goodman was all the rage and I'd take my best girl - Betsy - to the church dance ... we were all Presbeterian in that town and with one church, new people would just go there - even the Jews because there wasn't a Synagogue - but that's another story and I won't bore you with that because I can be a bit long winded at my age - so anyway my best girl got her new dress and we over to the next town to Jo's soda shop - he had the BEST malts in the entire area - and the whipped cream was made fresh from a local dairy farm - farmer brown's was his name - he served in WWI as an infrantry man in France and boy the stories he told about those French girls - like the one he met, Jaquoline I think or it was Juliette - she had dark hair and hazle eyes and her father was a banker for a German who had a home in France before the war - of course when the war started the Germen businessman had to run home and he ended fighting himself, even though his father pulled some mighty strings to get him out of the German army ...ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Re:Just lock em out... (Score:5, Funny)
Back at university someone would always use this one lecturer's five login attempts up at some random time once a week. I wonder what large companies do to prevent disgruntled employees trying to log in as steve.jobs or bill.gates and DoSing them every day.
Re:No (Score:5, Funny)
I'd never heard of "security through ignorance", but I find it compelling.
Perhaps we could call it "ostriching ".
Re:No I haven't, and here is why: (Score:5, Funny)
I've setup port-knocking to open the port I actually use for SSH, and my SSH key is passphrase protected. Passphrase not password.
Pfft. Lightweight. Nobody's ever getting into my passnovelseries-protected pubkey. Passnovelseries not passnovel.
And I change languages and character sets every chapter.
Re:No I haven't, and here is why: (Score:5, Funny)
I've setup port-knocking to open the port I actually use for SSH, and my SSH key is passphrase protected. Passphrase not password.
Pfft. Lightweight. Nobody's ever getting into my passnovelseries-protected pubkey. Passnovelseries not passnovel. And I change languages and character sets every chapter.
Not bad, not bad! But I'll share a little pro-tip with you; I do all the above, PLUS I turn my monitor upside down when I'm typing in my passphrase so that even if someone stole my SSH key, they'd still have to figure out it's orientation!!
Not a problem (Score:5, Funny)
I'm running my ssh server on port 23¾ now; that ought to keep the muggles out for a while.