I came across this interesting post about how to secure your SSH without changing the SSH listening port.
Things that the post author suggested are :
- Enforce the use of secure and hard to guess password
- Disable login by password, use Public Key Authentication for greater security.
- Allow SSH connection from trusted network only.
- Implement Port Knocking – http://www.linuxjournal.com/article/6811
- Use iptables RECENT match to filter SSH scanners
Personally I’ve enabled public-key authentication and SSH scanner filter to secure my server at the advice of my friend from a local security firm. Although, I haven’t tried the port knocking method yet, it seems interesting to know that ‘secret port knocking’ pattern also exists in computer security (remember ali baba?)
Hopefully this post will serve as a reminder to myself and those who read them, ah oh, most of this post content are lifted shamelessly from False sense of security
[tags]ssh,iptables,ubuntu,debian,security, port knocking,nmap, security scanners,exploit[/tags]