[CentOS] Ideas for stopping ssh brute force attacks

Bowie Bailey Bowie_Bailey at BUC.com
Mon Jul 21 21:22:04 UTC 2008

Bo Lynch wrote:
> just wanted to get some feedback from the community. Over the last few
> days I have noticed my web server and email box have attempted to
> ssh'd to using weird names like admin,appuser,nobody,etc.... None of
> these are valid users. I know that I can block sshd all together with
> iptables but that will not work for us. I did a little research on
> google and found programs like sshguard and sshdfilter. Just wanted
> to know if anyone had any experience with anything like these
> programs or have any other advice. I really appreciate it.

The simplest thing is to change the port.  I know it's "security through
obscurity", but it works well and can be used along with whatever other
security enhancements you care to use.


More information about the CentOS mailing list