Modify Remote Login server to block scripted attacks
Authored by: Honce on Feb 11, '05 10:43:19AM

This is a general networking security hint. Assuming:

1) you have a firewall between your Mac and the Internet and are using port forwarding to expose your Mac
2) the ssh client you're using remotely allows you to set the port to use to connect to the server

then, on your firewall/router, change the Internet-exposed port to something like 2022 and leave the internal port at 22.

Today most of the attacks on hosts are from script kiddies who don't even bother to port scan for services. The scripts just bang on known ports.

YMMV -- Moving my Internet exposed port off 22 alone stopped all the attacks against my machine.

Also, by using different Internet exposed ports you can forward ssh connections to all your internal hosts. I usually just expose one host. I hardened that host and use it as a gateway to the rest of the machines on my internal network.



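Added example, not part of the comment above: one way to check the effect the comment reports is to count failed sshd logins before and after the external port is moved. The log lines are constructed samples in OpenSSH's syslog format, and the change date, year, host name and user name are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in OpenSSH's syslog format (not real log data).
SAMPLE_LOG = """\
Feb  9 03:12:44 mac sshd[412]: Failed password for invalid user test from 203.0.113.7 port 40112 ssh2
Feb  9 03:12:47 mac sshd[415]: Failed password for root from 203.0.113.7 port 40120 ssh2
Feb  9 18:40:02 mac sshd[733]: Accepted publickey for alice from 198.51.100.20 port 51515 ssh2
Feb 10 01:05:13 mac sshd[801]: Failed password for invalid user admin from 192.0.2.99 port 33211 ssh2
Feb 12 09:30:00 mac sshd[950]: Failed password for alice from 198.51.100.20 port 51600 ssh2
Feb 12 09:30:09 mac sshd[950]: Accepted password for alice from 198.51.100.20 port 51600 ssh2
"""

# Only "Failed password" lines are counted. The "port" in these lines is the
# client's source port; sshd still listens on 22 behind the router.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def failed_logins(log_text, year):
    """Return (timestamp, user, source_ip) for each failed password attempt."""
    events = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            # Syslog timestamps carry no year, so the caller supplies it.
            when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((when, m.group(2), m.group(3)))
    return events

def compare(log_text, change, year):
    """Count failed attempts and their sources before and after `change`."""
    before, after = Counter(), Counter()
    for when, _user, ip in failed_logins(log_text, year):
        (before if when < change else after)[ip] += 1
    return {"before": sum(before.values()), "after": sum(after.values()),
            "before_sources": dict(before), "after_sources": dict(after)}

if __name__ == "__main__":
    # Assumed change date: the day the external port was moved off 22.
    print(compare(SAMPLE_LOG, datetime(2005, 2, 11), 2005))
```

Failures that remain after the move and come from an address that also logs in successfully, as in the last two sample lines, are usually a mistyped password rather than a scripted attempt.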