[CentOS] Defending againts simultanious attacks

Fri Feb 16 23:12:00 UTC 2007
MrKiwi <mrkiwi at gmail.com>

I have *never* had an ssh attempt on my boxes with 
non-standard port numbers.
I (used to) get *hourly* attempts on port 22.

If you really want to get paranoid though, have a look at 
the various port openers.
"Pork knocking" is the phrase you need to google for.

Regards,

MrKiwi



======================
Daryl Egarr,  Director
Kawhai Consultants Ltd
Cell       021 521 353
Daryl.Egarr at kawhai.net
======================

Kamill S wrote:
> Hello,
> 
> you can let listen sshd on Port 222 for example. Edit /etc/ssh/sshd_conf
> 
> In line  #Port 22
> 
> Greetz
> 
> 
> Mohd Syakir wrote:
>> Hi,
>>
>> i have one centos 4.3 box, exposed to the internet.
>> since several weeks ago, i found numerous attemps to connect through
>> SSH, but failed.
>>
>> they tried with many username, including root.
>> it's comes from different IP. some of them are foreign website.
>>
>> How do i make my centos become smarter in handling this kind of attacks.
>>
>> eventhough i've disable all the user accounts, left only the admin
>> accounts. making the password so hard, longer and combining alphabet,
>> numbers and characters... yet i dont want the attackers keep on
>> trying.
>>
>> any suggestions?
>>
>> thanks in advance.
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>