Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

this can be fixed by just using random ssh port

all my services are always exposed for convenience but never on a standard port (except http)



It reduces the noise, yes, but doesn't stop a determined attacker.

After managing a fleet for a long time, I'd never do that. Tailscale or any other VPN is mandatory for me to be able to access "login" ports.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: