Tim Alberts wrote: > Ned Slider wrote: >> >>> Tim Alberts wrote: >>>> So I setup ssh on a server so I could do some work from home and I >>>> think the second I opened it every sorry monkey from around the >>>> world has been trying every account name imaginable to get into the >>>> system. >>>> >>>> What's a good way to deal with this? >>>> >> >> The Wiki has an article here on just this: >> >> http://wiki.centos.org/HowTos/Network/SecuringSSH >> > I've been experimenting with the iptables filtering with the recent > module, but I have not yet had success. I do have my default policy to > reject with icmp and I've read the note that the default should be > DROP. Is this the problem? > If you just need access from home, I would just open the ssh port to your home IP address. If this isn't possible because you don't have a static IP at home, maybe moving to a non-standard port and/or configuring public/private keys (and disabling password authentication) would be sufficient. IPTables isn't the only way to crack this particular nut.