On Mon, Jul 21, 2008 at 3:43 PM, Bo Lynch <blynch at ameliaschools.com> wrote: > just wanted to get some feedback from the community. Over the last few > days I have noticed my web server and email box have attempted to ssh'd to > using weird names like admin,appuser,nobody,etc.... None of these are > valid users. I know that I can block sshd all together with iptables but > that will not work for us. I did a little research on google and found > programs like sshguard and sshdfilter. Just wanted to know if anyone had > any experience with anything like these programs or have any other advice. > I really appreciate it. Possibly begin by not allowing root access. Don't use passwords, use keys. http://wiki.centos.org/TipsAndTricks/SshTips/SshKeyAuthentication