<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Fwknop on Michele Bologna</title><link>https://www.michelebologna.net/tags/fwknop/</link><description>Recent content in Fwknop on Michele Bologna</description><generator>Hugo</generator><language>en</language><lastBuildDate>Thu, 11 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://www.michelebologna.net/tags/fwknop/index.xml" rel="self" type="application/rss+xml"/><item><title>Why I close SSH port 22 entirely (and what I use instead)</title><link>https://www.michelebologna.net/2026/ssh-port-22-fwknop-single-packet-authorization/</link><pubDate>Thu, 11 Jun 2026 00:00:00 +0000</pubDate><guid>https://www.michelebologna.net/2026/ssh-port-22-fwknop-single-packet-authorization/</guid><description>&lt;p&gt;Most SSH hardening guides stop at key-only auth and &lt;a href="https://www.fail2ban.org/" class="external-link" target="_blank" rel="noopener"&gt;fail2ban&lt;/a&gt;. That helps, but if your machine has a public IP, port 22 is still open to the internet. Every automated scanner can probe it and get a response: the SSH version string, the banner, proof that something is listening.&lt;/p&gt;</description></item></channel></rss>