El Domingo, 22 de Abril de 2007 02:50, Keith G. Robertson-Turner escribió: > > I have hundreds off ssh attacks every day. Just make sure you have a > *very* secure password (or don't forward ssh from the router). > > I also use "denyhosts" which I've found extremely useful (it's in extras). That plus some kind of app such as fail2ban to permit only like like 3 attemps of login, and if the bot, (usually those kinds of bruteforce attacks are made by bots) fails more than 3 times the password, its IP will be banned for a period of time you can set up in the config file of fail2ban, for instance. Usually if your box is not being used as a production server or is a corporate server where lot of people work in, changing the sshd port would be an effective solution, indeed. Just my two cents. All the best. -- Manuel Arostegui Ramirez. Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues.
