On 3.8.2013 11:17, Nick wrote:
Quoth Bryan Carey:
Thanks everyone for your input! I already had root access disabled via sshd config. I will look into fail2ban as it sounds like it remedies the problem I'm having.
Changing the port sshd runs on has a suprisingly large impact on reducing the number of these attacks, too. Of course it's only security by obscurity, but for the zombie attacks you're describing it's quite effective. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I would also recommend using a key file for SSH authentication and disable password authentication. This way it's pretty much impossible for the attacker to gain access using SSH.
quote from archlinux wiki:
SSH keys serve as a means of identifying yourself to an SSH server usingpublic-key cryptography http://en.wikipedia.org/wiki/Public-key_cryptographyandchallenge-response authentication http://en.wikipedia.org/wiki/Challenge-response_authentication. One immediate advantage this method has over traditional password authentication is that you can be authenticated by the server without ever having to send your password over the network. Anyone eavesdropping on your connection will not be able to intercept and crack your password because it is never actually transmitted. Additionally, using SSH keys for authentication virtually eliminates the risk posed by brute-force password attacks by drastically reducing the chances of the attacker correctly guessing the proper credentials.
As well as offering additional security, SSH key authentication can be more convenient than the more traditional password authentication. When used with a program known as an SSH agent, SSH keys can allow you to connect to a server, or multiple servers, without having to remember or enter your password for each system.
SSH keys are not without their drawbacks and may not be appropriate for all environments, but in many circumstances they can offer some strong advantages. A general understanding of how SSH keys work will help you decide how and when to use them to meet your needs. This article assumes you already have a basic understanding of theSecure Shell https://wiki.archlinux.org/index.php/Secure_Shellprotocol and have installed theopenssh https://www.archlinux.org/packages/?name=opensshpackage, available in theOfficial Repositories https://wiki.archlinux.org/index.php/Official_Repositories.