I hear that port 22 is routinely attacked -- maybe every 2 minutes. How can I make ssh on openwrt use a different port?
Thanks,
Siegfried
The content of this topic has been archived on 18 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Edit /etc/init.d/S50dropbear and append "-p n" to the last line:
/usr/sbin/dropbear -p 222
and then restart dropbear:
killall dropbear; /etc/init.d/S50dropbear
or reboot your WRT.
Cheers,
Martin.
(Last edited by mpot on 18 Mar 2006, 05:04)
Additionally, you may add a measure to your firewall that counts login attempts and forbids them after
a number of attempts within a certain time.
Example: (port = 22, application SSH, number of times 3, within 180 seconds; adapt as wanted)
insmod ipt_recent.o
WAN_IF=$(nvram get wan_ifname)
# Accept tcp SYN packets for SSH from wan interface if not a trial and error login effort:
iptables -A INPUT -i $WAN_IF -p tcp --dport 22 --syn \
-m recent --name SSH --update --hitcount 3 --seconds 180 -j DROP
iptables -A INPUT -i $WAN_IF -p tcp --dport 22 --syn \
-m recent --name SSH --set -j ACCEPT
(Last edited by doddel on 18 Mar 2006, 09:56)
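What the two rules above do to a sequence of SYN packets, as an added shell model that is not part of the original posts. It assumes the documented behaviour of the recent match (--update matches, and refreshes the entry, once the source has at least --hitcount hits within --seconds; --set records the packet); the function names, addresses and timestamps are constructed.

```shell
#!/bin/sh
# Added example: models the pair of "-m recent --name SSH" rules from the post.
HITCOUNT=3    # --hitcount 3
WINDOW=180    # --seconds 180

# Reads "TIME SRC" lines (TIME in seconds, ascending) on stdin and prints
# "TIME SRC VERDICT" for each SYN.
simulate_recent() {
    stamps=""    # recorded hits, space-separated "src@time" entries
    while read -r now src; do
        [ -n "$src" ] || continue
        hits=0
        for entry in $stamps; do
            e_src=${entry%@*}
            e_time=${entry#*@}
            # Count only this source's hits that are still inside the window.
            if [ "$e_src" = "$src" ] && [ $((now - e_time)) -le "$WINDOW" ]; then
                hits=$((hits + 1))
            fi
        done
        if [ "$hits" -ge "$HITCOUNT" ]; then
            verdict=DROP      # rule 1: --update matched, hit recorded, -j DROP
        else
            verdict=ACCEPT    # rule 2: --set records the hit, -j ACCEPT
        fi
        stamps="$stamps $src@$now"    # either rule records this SYN
        echo "$now $src $verdict"
    done
}

# Constructed sample traffic: one persistent source and one ordinary client.
sample_syns() {
    cat <<'EOF'
0 203.0.113.5
5 203.0.113.5
10 203.0.113.5
15 203.0.113.5
60 203.0.113.5
100 198.51.100.7
120 203.0.113.5
170 203.0.113.5
230 203.0.113.5
500 203.0.113.5
EOF
}

sample_syns | simulate_recent
```

The fourth SYN inside the window is the first one dropped, and because dropped SYNs are recorded too, the source at 230 is still blocked on the strength of its own rejected attempts. It is accepted again only after staying quiet long enough for those hits to age out.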