Mohd Syakir spake the following on 2/15/2007 5:02 AM: > Hi, > > i have one centos 4.3 box, exposed to the internet. > since several weeks ago, i found numerous attemps to connect through > SSH, but failed. > > they tried with many username, including root. > it's comes from different IP. some of them are foreign website. > > How do i make my centos become smarter in handling this kind of attacks. > > eventhough i've disable all the user accounts, left only the admin > accounts. making the password so hard, longer and combining alphabet, > numbers and characters... yet i dont want the attackers keep on > trying. > > any suggestions? > > thanks in advance. You can try fail2ban. Atrpm's has a binary. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!