Comment on How to harden against SSH brute-forcing?
sugar_in_your_tea@sh.itjust.works 3 weeks agohoneypot
That’s a lot more work.
Comment on How to harden against SSH brute-forcing?
sugar_in_your_tea@sh.itjust.works 3 weeks agohoneypot
That’s a lot more work.
ILaughBecauseFunny@feddit.dk 3 weeks ago
By all means, I am no expert, but isn’t it “just” the fail2ban?
sugar_in_your_tea@sh.itjust.works 3 weeks ago
Fail2ban blocks IPs that fail to connect repeatedly. A honeypot pretends fails worked and gives them a worthless environment to try to exploit. The purpose of fail2ban is to block attacks, the purpose of a honeypot is amusement and to waste attackers’ time.
ILaughBecauseFunny@feddit.dk 3 weeks ago
I understood the comment as “leave the port open to ssh, to easily allow fail2ban to hit the ip’s before they get through your full port range.” But thanks for the elaborate answer :)
I agree, what you described is much more work ;)