Comment on I use Zip Bombs to Protect my Server
frezik@midwest.social 2 weeks agoWhen it comes to attacks on the Internet, doing simple things to get rid of the stupid bots means kicking 90% of attacks out. No, it won’t work against a determined foe, but it does something useful.
Same goes for setting SSH to a random port. Logs are so much cleaner after doing that.
airgapped@piefed.social 1 week ago
Setting a random SSH port and limiting it to 3/min saw failed login attempts fall by 99% and jailed IPs fall to 0.
WFloyd@lemmy.world [bot] 1 week ago
I’ve found great success using a hardened ssh config with a limited set of supported
Cyphers/MACs/KexAlgorithms. Nothing ever gets far enough to even triggerfail2ban. Then of course it’s key only login from there.