On Mon, 10 Apr 2017, Rich Shepard wrote:

> On Mon, 10 Apr 2017, Paul Heinlein wrote:
>
>> I've thought about moving it to an alternate port, and may someday
>> do so, but in the meantime I've tried to keep up with best
>> practices for sshd configuration.
>>
>> I recently changed the KexAlgorithms setting, removing all
>> key-exchange algorithms based on NIST curves.
>
>> The number of scanners that even get through to the stage of
>> 'Invalid user' has dropped from a couple hundred per day to less
>> than a dozen.
>
> Paul,
>
> Have you considered running a test to learn if changing the port
> would be equally effective?

I've run such a test for the past three or four years. "Effective" in
this context can have two definitions:

 * does the change reduce the quantity of unwanted probes?
 * does the change raise the quality necessary for a successful probe?

In the case of quantity, the answer is definitely affirmative. Running
SSH on non-standard ports reduced to near zero the number of scanning
probes.

In the case of quality, changing the port has no effect.

-- 
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
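
One way to measure the "quantity" effect discussed in this thread, as an added example that is not part of the original messages: count per day how many probes reach the 'Invalid user' stage and how many are turned away earlier at key exchange. The log line formats are assumed to be OpenSSH's syslog messages, and the sample lines, host name and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
Apr  9 03:12:01 host sshd[1201]: Invalid user admin from 192.0.2.10 port 40022
Apr  9 03:12:07 host sshd[1203]: Invalid user test from 192.0.2.10 port 40030
Apr  9 04:40:15 host sshd[1250]: Invalid user oracle from 198.51.100.7
Apr 10 01:02:03 host sshd[2210]: Unable to negotiate with 192.0.2.10 port 51514: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384 [preauth]
Apr 10 01:05:44 host sshd[2214]: fatal: Unable to negotiate with 203.0.113.5 port 33810: no matching key exchange method found. Their offer: ecdh-sha2-nistp256 [preauth]
Apr 10 02:30:00 host sshd[2301]: Invalid user pi from 198.51.100.7 port 60112
Apr 10 02:31:10 host sshd[2305]: Accepted publickey for paul from 192.0.2.77 port 50000 ssh2
"""

# Assumed syslog prefix: "Mon DD HH:MM:SS host sshd[pid]: ", optionally "fatal: ".
STAMP = r"^(?P<day>\w{3}\s+\d{1,2}) \S+ \S+ sshd\[\d+\]: (?:fatal: )?"
# Probe got as far as offering a user name ("port N" suffix is optional).
INVALID_USER = re.compile(STAMP + r"Invalid user \S* ?from (?P<ip>\S+)")
# Probe was dropped during key exchange, before any user name was sent.
KEX_REJECT = re.compile(STAMP + r"Unable to negotiate with (?P<ip>\S+) port \d+: "
                        r"no matching key exchange method found")


def daily_probe_stats(log_text):
    """Return {day: {"invalid_user": n, "kex_rejected": n, "sources": set_of_ips}}."""
    stats = defaultdict(
        lambda: {"invalid_user": 0, "kex_rejected": 0, "sources": set()})
    for line in log_text.splitlines():
        for key, pattern in (("invalid_user", INVALID_USER),
                             ("kex_rejected", KEX_REJECT)):
            m = pattern.match(line)
            if m:
                day = " ".join(m.group("day").split())  # "Apr  9" -> "Apr 9"
                stats[day][key] += 1
                stats[day]["sources"].add(m.group("ip"))
                break
    return dict(stats)


if __name__ == "__main__":
    for day, s in daily_probe_stats(SAMPLE_LOG).items():
        print(f"{day}: invalid_user={s['invalid_user']} "
              f"kex_rejected={s['kex_rejected']} sources={len(s['sources'])}")
```

Running the same count before and after a configuration change (port or KexAlgorithms) gives a like-for-like comparison of probe volume; it says nothing about the quality a successful probe would need.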