SSH Dictionary Attack

ajt on 2005-07-21T08:56:19

Yesterday my poor little home server was subjected to a two hour SSH dictionary attack. Root login via SSH is disabled, and user login is only via key exchange - I don't permit password based logins at all, so the spotty little Herbert didn't get in. However, all the logging made a lot of noise, and my better half was not best pleased.

I've seen SSH dictionary attacks before, but normally they only have a few goes before giving up; this one was truly persistent. I'll have to investigate bandwidth throttling and dynamic blacklisting options in future.
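
An added example, not part of the original journal entry or its replies: a sketch of the detection half of the dynamic blacklisting mentioned above, which flags any source address that racks up repeated failed SSH logins inside a sliding time window. The log lines are constructed samples in the usual syslog/sshd shape, and the function name, threshold, window and year are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (documentation-range addresses), not from the post.
SAMPLE_LOG = """\
Jul 20 14:00:01 home sshd[4101]: Invalid user admin from 203.0.113.7
Jul 20 14:00:03 home sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Jul 20 14:00:05 home sshd[4105]: Invalid user test from 203.0.113.7
Jul 20 14:00:09 home sshd[4109]: Invalid user guest from 203.0.113.7
Jul 20 14:00:12 home sshd[4112]: Invalid user oracle from 203.0.113.7
Jul 20 14:01:00 home sshd[4120]: Accepted publickey for alice from 198.51.100.20 port 51515 ssh2
Jul 20 14:05:00 home sshd[4130]: Invalid user bob from 198.51.100.99
Jul 20 15:30:00 home sshd[4190]: Invalid user bob from 198.51.100.99
"""

# Matches the two common sshd failure messages and captures timestamp + IPv4.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?:Invalid user \S*|Failed password for (?:invalid user )?\S*) "
    r"from (\d{1,3}(?:\.\d{1,3}){3})"
)

def offenders(log_text, threshold=5, window_minutes=10, year=2005):
    """Return {ip: time the threshold was first reached} for every source
    with at least `threshold` failures inside any `window_minutes` span.
    Syslog timestamps carry no year, so one is assumed; lines are assumed
    to be in chronological order, as they are in a log file."""
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other noise
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        q = recent[ip]
        q.append(when)
        while when - q[0] > window:
            q.popleft()           # forget failures older than the window
        if len(q) >= threshold and ip not in flagged:
            flagged[ip] = when
    return flagged

if __name__ == "__main__":
    for ip, when in offenders(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {when}")
```

The returned addresses are candidates for a firewall drop rule or a deny list; the occasional mistyped login from 198.51.100.99 stays under the default threshold and is left alone.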


Suggest non-standard port

Phred on 2005-07-21T18:03:20

I had this happen to my box also and I changed the ssh port to a high number.

Re:Suggest non-standard port

ajt on 2005-07-21T18:59:40

A few people have suggested this, and while it's no more secure, it does get rid of the script kiddies. However the way the firewall at work is configured, I can only get out of the site on a handful of ports...