Plant, Dean wrote:
Mohd Syakir wrote:
Hi,
i have one centos 4.3 box, exposed to the internet.
since several weeks ago, i found numerous attemps to connect through
SSH, but failed.
they tried with many username, including root.
it's comes from different IP. some of them are foreign website.
How do i make my centos become smarter in handling this kind of
attacks.
eventhough i've disable all the user accounts, left only the admin
accounts. making the password so hard, longer and combining alphabet,
numbers and characters... yet i dont want the attackers keep on
trying.
Also use rate limit in iptables
Search for "iptables limit ssh" for examples.
Or give only SSH2 public key access, so no passwords. But even then you
will see host that try for a long time to get access. And at every try
they can read the prompt that only says:
Permission denied (publickey).
Cheers,
Theo
|
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
