30 Sep
2016
30 Sep
'16
12:41 p.m.
I've found that putting SSH on a non-standard port has dropped the
door-knockers to virtually zero.
They really are trying to find boxes with known, default passwords.
- Richard, VE7CVS
On 9/30/16 1:39 AM, Rob Janssen wrote:
That is certainly the best approach!
Also, whenever possible, I run those protocols on IPv6 only,
preferably on an
address that is not as well in DNS for other services on the host. They
cannot viably scan the IPv6 range so this obscurity hides the remote
access
quite well.
Rob