[CentOS] Ideas for stopping ssh brute force attacks

David Dyer-Bennet dd-b at dd-b.net
Wed Jul 23 14:21:10 UTC 2008

On Tue, July 22, 2008 16:45, Les Bell wrote:

> Moving sshd to a non-standard port is one of the worst examples of relying
> on security by obscurity. Its only advantage is that it cuts out some
> noise
> in the logs, but proper precautions do that as well, without lulling you
> into a false sense of security.

I think you've put your finger on a key point here -- what most people
really want here is a reduction in log noise.

I'd suggest the best way to achieve that is to not display SSH logon
failures :-).  If you instead scan the *successes*, you're much more
likely to actually spot any problem that occurs.

David Dyer-Bennet, dd-b at dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

More information about the CentOS mailing list