Goodbye SSH Brute-force!

TL;DR

  1. Sign up at https://zerotier.com, free for the first 50 devices!
  2. Create a ZeroTier private network
  3. Join both the SSH server and the client to the private network
  4. Configure sshd to listen on the private IP
  5. Goodbye SSH brute-force!
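
A check for step 4, as an added example rather than code from the original post: the function reads an sshd_config and fails unless every ListenAddress falls inside the private range. The function name and the sample prefix `10.147.17.` are assumptions; substitute your own ZeroTier network's managed range.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit step 4 of the TL;DR.
# audit_sshd_listen <sshd_config> <private-prefix>
#   returns 0 only if every ListenAddress starts with <private-prefix>
#   returns 1 if sshd would also listen elsewhere, 2 on bad input
# <private-prefix> is an assumption: use your ZeroTier network's managed
# range, with the trailing dot (e.g. "10.147.17." so "10.147.170.x" fails).

audit_sshd_listen() {
    local cfg="$1" prefix="$2" found=0 bad=0 key addr rest
    [ -n "$prefix" ] || { echo "empty prefix would match anything" >&2; return 2; }
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }

    while read -r key addr rest || [ -n "$key" ]; do
        # Keywords are case-insensitive; commented-out lines begin with '#'
        # and therefore never match.
        key=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')
        [ "$key" = "listenaddress" ] || continue
        found=1
        addr="${addr#\[}"          # accept the [addr]:port form
        case "$addr" in
            "$prefix"*) echo "ok:      $addr" ;;
            *)          echo "EXPOSED: $addr"; bad=1 ;;
        esac
    done < "$cfg"

    if [ "$found" -eq 0 ]; then
        # With no ListenAddress, sshd listens on all local addresses.
        echo "EXPOSED: no ListenAddress set, sshd binds every interface"
        bad=1
    fi
    return "$bad"
}
```

To audit the effective configuration (including any `Include` files) rather than a single file, feed it the output of `sshd -T`, for example `sshd -T | audit_sshd_listen /dev/stdin 10.147.17.`.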

Why?

Reduce Attack-Surface


When we disrupt one or more of the Necessary & Sufficient conditions for any Cyber-Physical attack (in this case, Threat Accessibility), we lower the risk (probability). This also applies to other administrative services/ports.

Even if there were an exploitable 0-day vulnerability in the SSH server, attackers would first need to get into your client.

Enabling Multi-Factor/Step Authentication on your VPS provider is also related to Threat Accessibility.

Improve "Signal-to-Noise" Ratio

Server logs are useful for investigating incidents. Blocked/refused SSH attempts that clutter them are simply "noise", which this configuration eliminates.

Storage is Precious

Why waste it on "noise"?

Comments (1)

Jym Cheong

Extra fun, put this: github.com/skeeto/endlessh on the standard port... It keeps SSH clients locked up for hours or even days at a time.