Re: How should I react to break in attempts
Jan Morales wrote:
Yesterday a single host out there made over 300 attempts to login to
sshd on my server. My feeling is that I can't stop people from trying,
so my only goal is to prevent them from succeeding. Use a firewall
and/or iptables or similar things, lock out unused logins, use good
passwords on active logins, kill unnecessary services, stay up to date
on security updates, etc. Someone once said that the only way to
absolutely guarantee a computer's security is to unplug it. Short of
that, approach computer security diligently, because people out there
will try to break in.
Arthur Pemberton wrote:
I edited the SSHd config file to listen on a port other than 22.
Alternatively, you could use IPTABLES to route some port (say 2022) to
port 22.
--
Steve