cjc.im / posts / Running the honeypot VPS on a non-standard port

SSH Login attempts

Running the SSHD on a different port than standard, no deny hosts locking out anything led to a mere 300 attempts to login as root. No other users were tried.

Attempts | Login
300      | root

A combination of a non-standard port and running a software solution such as denyhosts would dramatically reduce the login attempts from hundreds of thousands, down to hundreds.

I have been slacking somewhat with these reports and making use of the VPS. Perhaps focussing more on the httpd side of things now that I have investigated the effects of port / deny hosts on the SSHD

Tags: infosec