[CentOS] Ideas for stopping ssh brute force attacks
lmmailinglists at gmail.com
Mon Jul 21 21:20:53 UTC 2008
On Mon, Jul 21, 2008 at 4:08 PM, Lanny Marcus <lmmailinglists at gmail.com> wrote:
> On Mon, Jul 21, 2008 at 3:43 PM, Bo Lynch <blynch at ameliaschools.com> wrote:
>> just wanted to get some feedback from the community. Over the last few
>> days I have noticed my web server and email box have attempted to ssh'd to
>> using weird names like admin,appuser,nobody,etc.... None of these are
>> valid users. I know that I can block sshd all together with iptables but
>> that will not work for us. I did a little research on google and found
>> programs like sshguard and sshdfilter. Just wanted to know if anyone had
>> any experience with anything like these programs or have any other advice.
>> I really appreciate it.
> Possibly begin by not allowing root access. Don't use passwords, use keys.
The above link is mostly dead. The data isn't there yet.
if you can sudo into your servers, that might help.
Also, use a different port. Many ways to skin a cat.
More information about the CentOS