Well, I just proposed a more secure approach. It is easier to filter traffic through a single server rather than doing it on every node. At least for the case when you have an infrastructure of a couple of nodes.
Mostly I wanted to emphasize why running a privileged process on an unprivileged...
You can use port knocking then. But a better approach is to use a VPS as an access point and even better in combination with a VPN. And access should be allowed only from the VPN or the VPS. At least that seems more reasonable the moment you start to develop an infrastructure.
I am sure script-kiddies are different from one another with varying level of skills. Also, there aren't only script kiddies on the net.
Why not to restrict access to SSH through the firewall? That would be a much better approach.
Usually the best approach is to provide a system as vanilla as...
Here is how security through obscurity goes down the drain: nmap -sV <hostname/ip>
By the way, running SSH on an unprivileged port is a bad idea. When you run it on privileged port you know that it was started by root. Otherwise you are not sure who started it.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.