Comment on How to harden against SSH brute-forcing?
ILaughBecauseFunny@feddit.dk 1 week agoBy all means, I am no expert, but isn’t it “just” the fail2ban?
Comment on How to harden against SSH brute-forcing?
ILaughBecauseFunny@feddit.dk 1 week agoBy all means, I am no expert, but isn’t it “just” the fail2ban?
sugar_in_your_tea@sh.itjust.works 1 week ago
Fail2ban blocks IPs that fail to connect repeatedly. A honeypot pretends fails worked and gives them a worthless environment to try to exploit. The purpose of fail2ban is to block attacks, the purpose of a honeypot is amusement and to waste attackers’ time.
ILaughBecauseFunny@feddit.dk 1 week ago
I understood the comment as “leave the port open to ssh, to easily allow fail2ban to hit the ip’s before they get through your full port range.” But thanks for the elaborate answer :)
I agree, what you described is much more work ;)