On Sun, Nov 03, 2013 at 09:47:34AM +0100, FRIGN wrote: > On Sun, 3 Nov 2013 12:26:52 +0200 > sin <s...@2f30.org> wrote: > > > Word, I get something like ~100 attacks per few minutes. I rate limit > > it at the firewall level. > > How effective is it to actually bind sshd to another port (like 1337 for > instance)? > Is that a sane defense against those attacks or have the > attackers advanced in the last few years to to a broader portscan?
Cuts down most of these automated brute force scans. Most of my friends do that as a first step. I only use key auth so it doesn't really matter except that it fills up my firewall logs with crap.