You could presumably still just SYN scan to find the ports and then use proxies ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

ryanlol on May 22, 2016 | parent | context | favorite | on: TOTP SSH port fluxing

You could presumably still just SYN scan to find the ports and then use proxies to identify the real sshd.

Obviously my approach would be somewhat involved but I'd imagine this would mostly be intended to protect against someone who may already have likely password candidates, rather than just random scanners.

jgrahamc on May 22, 2016 [–]

The idea was that if you sent a packet to a decoy port then your IP was banned.

ryanlol on May 22, 2016 | [–]

I don't think shimmer will catch half open connections, and if it did you could somewhat easily get large parts of the internet banned.

jgrahamc on May 22, 2016 | | [–]

Maybe not. It's been 8 years since I last looked at that code...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact