Can I suggest the use of a graphical iptables manager like firestarter? That way, not only will you be able to see what is hitting your system, and potentially identify them, you can apply specific rules easily and see the result. I agree with Ed Wilts that the best way is to block all sshd connections, then open stealth ports for specific fixed IPs. Just opening an unusual port for sshd won't do the trick ... a port scanner will find the hole in seconds, and if your systems have already been attacked, then he'll come back for another look at some time - or one of his friends will. TD On Thursday 30 Dec 2004 13:19, chi wrote: > i discover sometime there is a people try to login my sshd server in my > home , he try many time. > is there exist something protect my computer? > for example, can sshd do if a ip try to login fail 5 time in certain > period. then it block it? > thx
