On Monday 13 February 2006 7:19 pm, Will McDonald wrote: > * If you know absolutely where all SSH connections originate from drop > all other traffic on that port bar the know IP address/range > > As long as you at least understand the basics of how and why you're > doing these things, the more layers of security you add the better. Great summary. You might want to add: *Ban/block class A subnets you know you would never need SSH access from (usually foreign countries, etc) *Consider dedicating a spare machine to run as an SSH server/proxy.