Comment on How to harden against SSH brute-forcing?
sugar_in_your_tea@sh.itjust.works 1 day agohoneypot
That’s a lot more work.
Comment on How to harden against SSH brute-forcing?
sugar_in_your_tea@sh.itjust.works 1 day agohoneypot
That’s a lot more work.
ILaughBecauseFunny@feddit.dk 19 hours ago
By all means, I am no expert, but isn’t it “just” the fail2ban?
sugar_in_your_tea@sh.itjust.works 16 hours ago
Fail2ban blocks IPs that fail to connect repeatedly. A honeypot pretends fails worked and gives them a worthless environment to try to exploit. The purpose of fail2ban is to block attacks, the purpose of a honeypot is amusement and to waste attackers’ time.
ILaughBecauseFunny@feddit.dk 15 hours ago
I understood the comment as “leave the port open to ssh, to easily allow fail2ban to hit the ip’s before they get through your full port range.” But thanks for the elaborate answer :)
I agree, what you described is much more work ;)