> Unfortunately I can't. My company's server hardening policy says > IPTables should be off! I have to apply for a "Security Override" if I > have to enable it. Go figure. > I'm trying to get that changed. Probably wise. Remind us all never to use your employer for anything important ;) If you can't use iptables because your company is weird you can always move the port, that'll probably confuse robots a lot > I did check where the attempts were coming from. The source IP addresses > were assigned to ISPs. So infected windows systems are most likely to be > the culprits. Every ssh server I have sees a continual stream of dictionary cracking attempts all from the timings apparently robots.
