I used to get a few thousand attempts every day on port 22. Restricting by IP is a *good* thing.
Suggestion: Restrict SSH access to certain IPs. Write a PHP or Python web app that can add an IP to that list (and also conveniently tells you what your IP is.) The app should do this: 1) Text message your cell phone when an IP is added. 2) 3 minutes (or 5, or whatever) later, actually add the IP. Since adding IPs is rare, the delay isn't ordinarily an issue, nor is the text message. I'm assuming the web app would have at least some sort of trivial authentication/password as well, even just .htaccess. Since it alerts you when used, it doesn't need to be draconian. Of course, I'd rather you all stayed on port 22 with no access restrictions. I don't have to outrun the bear, I only need to outrun you. ;-) --DTVZ
_______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
