David C. Rankin wrote:
Philip,
The best solution I've found is to simply move ssh to a high port. I used to have 300-3000 log entries per day of script kiddies trying to hack my ssh on port 22. I moved ssh to a high port several months ago and I have had *zero* attempts to crack my system since.
The high port setup definitely works, but so does blocking with iptables after 3 failed attempts in 60secs. I've been using that on all my systems since I saw it here: http://lists.suse.com/archive/suse-security/2005-Dec/0069.html
**NOTE: for added security set up ssh keys for access and disable password authentication:
I wouldn't say added, but ultimate. No amount of brute force will overcome that. /Per -- Per Jessen, Zürich (14.3°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org