[tor-relays] is a good idea to run a ssh honeypot?
Mirimir
mirimir at riseup.net
Sun Apr 7 21:06:01 UTC 2019
On 04/07/2019 12:52 PM, caioau wrote:
> Hi, I been running a relay for almost 1,5 year, and in the beginning I didn't change the default 22 ssh port but a lot of people were trying to login , no worries I only allow public key authentication.
>
> So I was wondering if I could record the attacks, so I find this https://haas.nic.cz/ service and I'm running on my relay, is it a good idea?
>
> Thanks
>
> Sent with ProtonMail Secure Email.
There's also endlessh:
| Endlessh is an "SSH tarpit that very slowly sends an endless,
| random SSH banner. It keeps SSH clients locked up for hours or
| even days at a time. The purpose is to put your real SSH server
| on another port and then let the script kiddies get stuck in
| this tarpit instead of bothering a real server.
https://github.com/skeeto/endlessh
More information about the tor-relays
mailing list