> > I have 2 questions. One, is there anything you can do to stop these > attempts, other than not running ssh? Welcome to script-kiddie 101. You can use key based authentication instead of password based, which will help, or you can move ssh to an alternate port. by moving ssh off port 22, you'll eliminate virtually all of these probes. > And two, do those ssh attempts every 3 or 4 seconds slow down a box, or > put any strain on it? Theoretically, it reduces it a little, but in practice, you won't/shouldn't notice the difference. The most noticeable hit is to bandwidth, but even that should be reasonably small. -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety'' Benjamin Franklin 1775