Rudi Ahlers wrote: > Tim Alberts wrote: >> So I setup ssh on a server so I could do some work from home and I >> think the second I opened it every sorry monkey from around the world >> has been trying every account name imaginable to get into the system. >> >> What's a good way to deal with this? >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > 1. Change the default port > 2. use only SSH protocol 2 > 3. Install some brute force protection which can automatically ban an IP > on say 5 / 10 failed login attempts > 4. ONLY allow SSH access from your IP, if it's static. Or signup for a > DynDNS account, and then only allow SSH access from your DynDNS domain > Fail2Ban is a good brute force protector. It works in conjunction with IPTables to block IPs that are "attacking" for a said duration of time. :) -- James A. Peltier Technical Director, RHCE SCIRF | GrUVi @ Simon Fraser University - Burnaby Campus Phone : 778-782-3610 Fax : 778-782-3045 Mobile : 778-840-6434 E-Mail : jpeltier at cs.sfu.ca Website : http://gruvi.cs.sfu.ca | http://scirf.cs.sfu.ca MSN : subatomic_spam at hotmail.com