Gerald wrote:
> It looks like i'm getting a dictionary attack on my system. I moved
> ssh to another port instead of 22 in hopes that would put a halt to it
> but it did not. Any recommendations to improve security here? I notice
I'm very dubious that these attack scripts can find your new sshd listen
port if it is not directly associated with ssh protocol. The first
thing to check is that you actually moved it. Here's a box listening on 22:
# netstat -pln | grep sshd
tcp 0 0 :::22 :::*
LISTEN 3819/sshd
Note that you would have needed
service sshd restart
after changing
/etc/ssh/sshd_config
-Andy
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
