Firewalling SSH brute force attacks.
Sep 26, 2011, 10:00 (0 Talkback[s])
(Other stories by Max Spevack)
"Anyone who runs their own Linux server knows the annoyance of
looking through the log files to see automated SSH brute force
attacks trying to find a login to the machine. In the past, I've
avoided this problem simply by running sshd on a non-traditional
port, which makes all the automated scripts that attack port 22
I recently had to move sshd back to port 22, and I quickly tired
of seeing 5k failed login attempts every day.
A little bit of Googling, and my firewall has been updated in a
way that has eliminated almost all of those failed logins.