32
Spent 3 hours trying to figure out why my home server kept getting weird login attempts
I set up a simple web server on an old laptop to host a project. After a week, I checked the logs and saw hundreds of failed SSH login tries from random IPs. I thought my password was weak, so I changed it, but they kept coming. I finally realized I had left the default SSH port 22 open to the internet. Changing it to a different port, like 2222, in the config file and updating my firewall rules stopped all the noise immediately. Anyone else have a simple port change fix a security headache?
3 comments
Log in to join the discussion
Log In3 Comments
the_taylor22d ago
My old Raspberry Pi was getting hammered with attempts every day. Swapping from port 22 to something random like 4821 made the log files completely clean overnight. It's the easiest first line of defense.
8
averyc9422d ago
Easiest first line" feels like security theater, jenny_white21.
5