[CentOS] Re: Defending againts simultanious attacks
Scott Silva
ssilva at sgvwater.com
Thu Feb 15 18:03:06 UTC 2007
Mohd Syakir spake the following on 2/15/2007 5:02 AM:
> Hi,
>
> i have one centos 4.3 box, exposed to the internet.
> since several weeks ago, i found numerous attemps to connect through
> SSH, but failed.
>
> they tried with many username, including root.
> it's comes from different IP. some of them are foreign website.
>
> How do i make my centos become smarter in handling this kind of attacks.
>
> eventhough i've disable all the user accounts, left only the admin
> accounts. making the password so hard, longer and combining alphabet,
> numbers and characters... yet i dont want the attackers keep on
> trying.
>
> any suggestions?
>
> thanks in advance.
You can try fail2ban.
Atrpm's has a binary.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the CentOS
mailing list