Does that mean that you automatically block IPs that try to login on port 22 (si... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		themulticaster on Sept 25, 2021 \| parent \| context \| favorite \| on: AS13335 doing SSH scanning Does that mean that you automatically block IPs that try to login on port 22 (since they are obviously malicious/port scannners)? If yes, is there any specialized daemon for that or are you using firewall rules? Or are you running a SSH honeypot on port 22?

c0wb0yc0d3r on Sept 25, 2021 | [–]

The post is referring to this: https://github.com/skeeto/endlessh

I'm guessing that the person you replied to is referring to the same.

ben_bai on Sept 25, 2021 | [–]

A tarpit is a technique to waste your opponents time and network sockets. Usually by accepting the connection but only sending or receiving data at like 1byte/s.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact