Where to Report an Attack? 1 points by airocker 5y ago ↗ HN I run an open ssh server on the web. WE are seeing a lot of attacks trying to guess the password on ssh logs. Is this normal? We will switch it off but is there a place to complain?
[–] maxbaines 5y ago ↗ This is very normal, so normal search is your friend for suggestions on how to mitigate. [–] maxbaines 5y ago ↗ To be clear it is normal however you should take steps to protect against it.
[–] miles 5y ago ↗ You may want to consider disabling password-based SSH logins altogether and sticking with keys instead.Also, you can reduce a lot of noise by changing the port number:Moving your SSH port isn’t security by obscurity https://news.ycombinator.com/item?id=24542104Why change default ssh port? https://serverfault.com/questions/189282/why-change-default-...
3 comments
[ 3.3 ms ] story [ 17.1 ms ] threadAlso, you can reduce a lot of noise by changing the port number:
Moving your SSH port isn’t security by obscurity https://news.ycombinator.com/item?id=24542104
Why change default ssh port? https://serverfault.com/questions/189282/why-change-default-...