-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 08 April 2005 03:36, Dotan Cohen wrote: > I see that the attacker is comming from multiple IP's. Although I > currently do not ssh into this comupter, I would like to leave that > option open. Acually, I would like to set that up as soon as possible. > What should I block if I am being attacked by several IP's, but I do > not want to block ssh altogether? I would say move to another port other then 22 as others have suggested. No one will know except you and they won't hammer your system. Some please correct me if I am wrong!! Here is what I am planning in the future. I don't have SSH up on my system yet as I have not had enough time to look into this yet, but this is what I am thinking. I want to use double authentication when I put SSH live and here is how I want to do this (should anyone know of a web page that layers this out I would be thankful). I would like to use trusted keys, I know some people don't like this but my thought is that if the keys don't match the connection is dropped thus not even allowing the person to attempt to log in using a user name and password. Then after the key is correctly identified I still would like for the user to log in as they would normally do. This would be how I would like double authnetication to work. - -- Regards Robert Smile... it increases your face value! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCWGeb0xJrO8dQYHgRAqOkAKCDZPdyf3+/hPW+bOIffaBBFQERDACfXR0T Ws5K1y1K3yMO8/ovzvwtI/o= =Gp8f -----END PGP SIGNATURE-----
