Use port knocking.
The iptables settings for port knocking is available at
http://www.soloport.com/iptables.html.
Others port knocking methods are available in http://www.portknocking.org
On 2/13/06, Jim Perrin <jperrin@xxxxxxxxx> wrote:
> >
> > I have 2 questions. One, is there anything you can do to stop these
> > attempts, other than not running ssh?
>
> Welcome to script-kiddie 101. You can use key based authentication
> instead of password based, which will help, or you can move ssh to an
> alternate port. by moving ssh off port 22, you'll eliminate virtually
> all of these probes.
>
> > And two, do those ssh attempts every 3 or 4 seconds slow down a box, or
> > put any strain on it?
>
> Theoretically, it reduces it a little, but in practice, you
> won't/shouldn't notice the difference. The most noticeable hit is to
> bandwidth, but even that should be reasonably small.
>
> --
> "They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety''
> Benjamin Franklin 1775
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
--
Cleber P. de Souza
