[CentOS] Defending againts simultanious attacks
Plant, Dean
dean.plant at roke.co.uk
Thu Feb 15 14:05:29 UTC 2007
Mohd Syakir wrote:
> Hi,
>
> i have one centos 4.3 box, exposed to the internet.
> since several weeks ago, i found numerous attemps to connect through
> SSH, but failed.
>
> they tried with many username, including root.
> it's comes from different IP. some of them are foreign website.
>
> How do i make my centos become smarter in handling this kind of
> attacks.
>
> eventhough i've disable all the user accounts, left only the admin
> accounts. making the password so hard, longer and combining alphabet,
> numbers and characters... yet i dont want the attackers keep on
> trying.
Also use rate limit in iptables
Search for "iptables limit ssh" for examples.
Dean
More information about the CentOS
mailing list