Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
1. Change the default port
2. use only SSH protocol 2
3. Install some brute force protection which can automatically ban an IP
on say 5 / 10 failed login attempts
4. ONLY allow SSH access from your IP, if it's static. Or signup for a
DynDNS account, and then only allow SSH access from your DynDNS domain
Fail2Ban is a good brute force protector. It works in conjunction with
IPTables to block IPs that are "attacking" for a said duration of time. :)
--
James A. Peltier
Technical Director, RHCE
SCIRF | GrUVi @ Simon Fraser University - Burnaby Campus
Phone : 778-782-3610
Fax : 778-782-3045
Mobile : 778-840-6434
E-Mail : jpeltier@xxxxxxxxx
Website : http://gruvi.cs.sfu.ca | http://scirf.cs.sfu.ca
MSN : subatomic_spam@xxxxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
