Running the honeypot VPS on a non-standard port
Aug 18, 2015 in #infosecSSH Login attempts
Running the SSHD on a different port than standard, no deny hosts locking out anything led to a mere 300 attempts to login as root. No other users were tried.
Attempts | Login
300 | root
A combination of a non-standard port and running a software solution such as denyhosts would dramatically reduce the login attempts from hundreds of thousands, down to hundreds.
I have been slacking somewhat with these reports and making use of the VPS. Perhaps focussing more on the httpd side of things now that I have investigated the effects of port / deny hosts on the SSHD
home