Mohd Syakir wrote: > Hi, > > i have one centos 4.3 box, exposed to the internet. > since several weeks ago, i found numerous attemps to connect through > SSH, but failed. > > they tried with many username, including root. > it's comes from different IP. some of them are foreign website. > > How do i make my centos become smarter in handling this kind of > attacks. > > eventhough i've disable all the user accounts, left only the admin > accounts. making the password so hard, longer and combining alphabet, > numbers and characters... yet i dont want the attackers keep on > trying. Also use rate limit in iptables Search for "iptables limit ssh" for examples. Dean