"Yitzchak Gale" <[EMAIL PROTECTED]> writes: > Unfortunately, on today's Internet any server with the standard SSH > port open gets continuously hammered by hundreds of botnet zombies > that try to find username/password combinations by brute force. > Disabling password authentication does not help - the zombies still > hammer you. So you just can't use the standard port anymore.
Run denyhosts (http://denyhosts.sourceforge.net/)! The statistics probably vary with site popularity, but my logs show eight attacks the last week, and since they are automatically blocked after a few tries, this gives a total of 39 login attempts. So I wouldn't call it "continously hammered". Most attacks try to login as 'root' or 'mysql', 'admin', 'staff', etc, and no sane admin would allow login to those accounts anyway. I only wish it was integrated with a tarpit, but I'm too lazy to recompile the kernel to get the necessary functionality. -k -- If I haven't seen further, it is by standing in the footprints of giants _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
