On Fri, Nov 11, 2005 at 04:44:46PM -0500, stan wrote:
> I;ve got a machien that seems to getting atacked by what appears to be a
> simplistic "brute force" attck. it's getting hit multiple ties a second
> with bogus root login attempts, my guess is that they are trying dictionary
> atacks on the password for root.
>
> Any sugestions as to how to deal with this? Change the port ssh is
> listening on maybe?
PermitRootLogin no?
AllowUsers me?
AllowGroups ssh-users?
PasswordAuthentication no?
Port XYZ?
# passwd?
Really, if you have a decent password, there's little to worry over. If
you want to keep your logs clean, move to a different port. For
security, disable password authentication and root login. Or just use
decent passwords.
Joachim
