Tim Alberts wrote:
Ned Slider wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I think the second I opened it every sorry monkey from around the world has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
The Wiki has an article here on just this:
I've been experimenting with the iptables filtering with the recent module, but I have not yet had success. I do have my default policy to reject with icmp and I've read the note that the default should be DROP. Is this the problem?
If you just need access from home, I would just open the ssh port to your home IP address. If this isn't possible because you don't have a static IP at home, maybe moving to a non-standard port and/or configuring public/private keys (and disabling password authentication) would be sufficient. IPTables isn't the only way to crack this particular nut.