[CentOS] ssh attack

Mon Feb 13 23:07:38 UTC 2006
Jim Perrin <jperrin at gmail.com>

> I have 2 questions. One, is there anything you can do to stop these
> attempts, other than not running ssh?

Welcome to script-kiddie 101.  You can use key based authentication
instead of password based, which will help, or you can move ssh to an
alternate port. by moving ssh off port 22, you'll eliminate virtually
all of these probes.

> And two, do those ssh attempts every 3 or 4 seconds slow down a box, or
> put any strain on it?

Theoretically, it reduces it a little, but in practice, you
won't/shouldn't notice the difference. The most noticeable hit is to
bandwidth, but even that should be reasonably small.

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety''
Benjamin Franklin 1775