The null program is a really great blog written by Chris Wellons. He has a great amount of interesting stuff on a wide array of programming topics.

One that caught my attention recently, is Endlessh: an SSH Tarpit. Essentially, what he is proposing is a very simple and low cost way to slow down unsophisticated attacks on Internet facing servers.

If you’ve ever had an Internet facing server with port 22 open, you can immediately see the value of this. Of course, a good practice is to move the SSH port to a non-standard one. But this lets the attackers off easy as they bounce off the closed port quickly. If they get stuck for minutes, hours or days, they might decide to leave well enough alone and find a different hobby (or profession).

Next time I’m deploying a server with SSH onto the Internet, I’m going to use Endlessh on port 22 after I move my SSH port. I might even take up Chris’ idea to implement it in Python using asyncio. Good stuff.