[clug] SSH attack

Alex Satrapa grail at goldweb.com.au
Mon Jul 25 23:35:15 GMT 2005

On 25 Jul 2005, at 23:51, Steve Jenkin wrote:

> Tonight I noticed lots of inbound network activity to an unused  
> host: I
> mapped SSH through the firewall to it.

I secured my network by only allowing SSH to one externally visible  
box, that box only allows key-based authentication (no passwords),  
and only users who have accounts on that machine can have keys  
present. Simple.

When brute force attacks start breaking into my box, I've probably  
got bigger problems than just unauthorized access.


More information about the linux mailing list