[CentOS] Ideas for stopping ssh brute force attacks
Bowie_Bailey at BUC.com
Mon Jul 21 21:22:04 UTC 2008
Bo Lynch wrote:
> just wanted to get some feedback from the community. Over the last few
> days I have noticed my web server and email box have attempted to
> ssh'd to using weird names like admin,appuser,nobody,etc.... None of
> these are valid users. I know that I can block sshd all together with
> iptables but that will not work for us. I did a little research on
> google and found programs like sshguard and sshdfilter. Just wanted
> to know if anyone had any experience with anything like these
> programs or have any other advice. I really appreciate it.
The simplest thing is to change the port. I know it's "security through
obscurity", but it works well and can be used along with whatever other
security enhancements you care to use.
More information about the CentOS