21 Jul
2008
21 Jul
'08
9:22 p.m.
Bo Lynch wrote:
just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and sshdfilter. Just wanted to know if anyone had any experience with anything like these programs or have any other advice. I really appreciate it.
The simplest thing is to change the port. I know it's "security through obscurity", but it works well and can be used along with whatever other security enhancements you care to use.
--
Bowie