Fiservedpi Posted June 7, 2019 Share Posted June 7, 2019 (edited) I've forwarded my SSH port for personal use to something uncommon how do "they" find it?, or how are they hitting my logs Edited June 7, 2019 by Fiservedpi Internet Scanners :( Quote Link to comment
JonathanM Posted June 7, 2019 Share Posted June 7, 2019 Automated port scans. VPN server hosted on your router or similar is a better option. 1 1 Quote Link to comment
jordanmw Posted June 7, 2019 Share Posted June 7, 2019 You really can't leave it open on any port- they will find it. Jonathan is right- vpn into your network for ssh access. Alternately, if you are a linux master and know snort at all- you can setup a port knocking scheme that would hit one port- then another- and it would open a new port of your choosing- then close it when the connection is over. Fun to play with that kind of stuff if you have the aptitude. Just google port knocking, there are tons of tools to help with setup. Quote Link to comment
1812 Posted June 7, 2019 Share Posted June 7, 2019 some firewalls have the ability to ignore scans if a given source hits XX number of ports. Sophos has that ability. Quote Link to comment
tr0910 Posted June 8, 2019 Share Posted June 8, 2019 13 hours ago, jordanmw said: Alternately, if you are a linux master and know snort at all- you can setup a port knocking scheme that would hit one port- then another- and it would open a new port of your choosing- then close it when the connection is over. Fun to play with that kind of stuff if you have the aptitude. Just google port knocking, there are tons of tools to help with setup. Can this be accomplished without a Sophos or Snort internet connection. What about those who have brain dead Comcast, Roadrunner, Verizon etc routers and can't or don't want to replace them. Can this be accomplished completely in unRaid iptables after opening up a bunch of ports on the router? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.