|
|
|
|
|
|
by quantumofalpha
1848 days ago
|
|
|
What's wrong with exposing SSH? It has got to be one of the most well tested pieces of network software out there. Re. fail2ban - nearly all ssh scanning attempts in the wild seem to be from unsophicated attackers using some pieces of obsolete software. I disabled all but a couple of modern ciphers/mac/kex algorithms and hardly ever see any password bruteforce attempts in my logs (not that they have any chance of working - I disable password authentication as well). Mostly a bunch of "no matching key exchange method found" which I regard a minor nuisance. |
|
|