June 7, 20197 yr I've forwarded my SSH port for personal use to something uncommon how do "they" find it?, or how are they hitting my logs Edited June 7, 20197 yr by Fiservedpi Internet Scanners :(
June 7, 20197 yr Automated port scans. VPN server hosted on your router or similar is a better option.
June 7, 20197 yr You really can't leave it open on any port- they will find it. Jonathan is right- vpn into your network for ssh access. Alternately, if you are a linux master and know snort at all- you can setup a port knocking scheme that would hit one port- then another- and it would open a new port of your choosing- then close it when the connection is over. Fun to play with that kind of stuff if you have the aptitude. Just google port knocking, there are tons of tools to help with setup.
June 7, 20197 yr some firewalls have the ability to ignore scans if a given source hits XX number of ports. Sophos has that ability.
June 8, 20197 yr 13 hours ago, jordanmw said: Alternately, if you are a linux master and know snort at all- you can setup a port knocking scheme that would hit one port- then another- and it would open a new port of your choosing- then close it when the connection is over. Fun to play with that kind of stuff if you have the aptitude. Just google port knocking, there are tons of tools to help with setup. Can this be accomplished without a Sophos or Snort internet connection. What about those who have brain dead Comcast, Roadrunner, Verizon etc routers and can't or don't want to replace them. Can this be accomplished completely in unRaid iptables after opening up a bunch of ports on the router?
Archived
This topic is now archived and is closed to further replies.