Open Port Worries

byteman

New Member
Credits
22
Somewhat of a noob here - worried about security.

While away from home, I have the need to access my home network through ssh. I have set up the following:
  • Through my router, I have port forwarded a random 5 digit port number to port 22 on one of my Linux machines.
  • The (Linux machine) ssh server service requires a private / public key login
  • Root login is disabled
While I don't see any spurious login attempts in my auth logs, I still worry about the possibility of being hacked.

Through tests and reading, I find it a very slow process to identify the open port on my outside network. And even if the open port is discovered, I can't find any utility which identifies what that open port is used for.

I know that there is no setup that is completely "unhackable", but does anyone see a glaring vulnerability here?
 


Credits
25
While I don't see any spurious login attempts in my auth logs, I still worry about the possibility of being hacked.
Have a look at Fail2Ban .... it could be just what you need if you think that people might be
" banging at your front door " ( however quietly they may be doing it ..... ;) )
 
Credits
25
I will try that - it looks promising.

Thanks for the suggestion!
You are most welcome ....

I had a spare Raspberry Pi lying idle so I set it up with everything on default ( apart from the password ;) )
I left the hostname as "Pi" and the SSH port on 22 .

And yes , I know , in doing so I created a honeypot , but I'd shut off all possibility of lateral movement ,
or pivoting .

Then I changed the port number to something way up-range .... far from any commonly used ports
My word ! ..... what a difference !
.... so quiet up there ....:cool:
 


Members online


Top