Why not change the port that the SSH daemon listens to. Change it to use
an unused port > 1024 and you will see that the attempt will stop.
Jens
> Hi,
>
> i have one centos 4.3 box, exposed to the internet.
> since several weeks ago, i found numerous attemps to connect through
> SSH, but failed.
>
> they tried with many username, including root.
> it's comes from different IP. some of them are foreign website.
>
> How do i make my centos become smarter in handling this kind of attacks.
>
> eventhough i've disable all the user accounts, left only the admin
> accounts. making the password so hard, longer and combining alphabet,
> numbers and characters... yet i dont want the attackers keep on
> trying.
>
> any suggestions?
>
> thanks in advance.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>