[clug] SSH attack

[Alex Satrapa]

On 25 Jul 2005, at 23:51, Steve Jenkin wrote:

> Tonight I noticed lots of inbound network activity to an unused  
> host: I
> mapped SSH through the firewall to it.

I secured my network by only allowing SSH to one externally visible  
box, that box only allows key-based authentication (no passwords),  
and only users who have accounts on that machine can have keys  
present. Simple.

When brute force attacks start breaking into my box, I've probably  
got bigger problems than just unauthorized access.

Alex