Assuming you run a legit SSH server on port A and an SSH tarpit on port B. What ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		blastbeat on March 22, 2019 \| parent \| context \| favorite \| on: Endlessh: An SSH Tarpit Assuming you run a legit SSH server on port A and an SSH tarpit on port B. What hinders an attacker to connect to port A an B at the same time? What is the advantage having an attacker connected for weeks on port B?

sm4rk0 on March 22, 2019 | [–]

They will usually try port 22 for SSH, only. So, if tarpit is on port 22 and real SSH is on another - mission accomplished: you're making them (at least one of their threads) wait.

dickeytk on March 22, 2019 | [–]

nothing, except the attacker doesn't know what A is. 22 is the default for ssh.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact