Re: SSH hank attempts… bad?
jfindlay at gmail.com
Tue Apr 11 21:07:22 MDT 2006
On 4/11/06, Wade Preston Shearer <lists at wadeshearer.com> wrote:
> My server can get up ~12,000  failed log in attempts recorded in
> my server's logs in one day. How much of a concern should this be? I
> am aware of restricting shell access to certain IPs. Will that
> restrict the handshake or will I still see the attempts in my logs?
> Are there any ways to restrict the attempts?
What I've done: 1. Change ssh port to a random non privileged, non
used port. 2. Use good passwords. 3. Install DenyHosts and change
the default "protective" settings to "brutally unforgiving" as in
after 5 tries at a password on any account real or fantastic, that
host is denied all services for forever.
You might want to read a recent SLLUG thread on this.
More information about the PLUG