Unfortunately I can't. My company's server hardening policy says
IPTables should be off! I have to apply for a "Security Override" if I
have to enable it. Go figure.
I'm trying to get that changed.

Probably wise. Remind us all never to use your employer for anything
important ;)

If you can't use iptables because your company is weird you can always
move the port, that'll probably confuse robots a lot

I did check where the attempts were coming from. The source IP addresses
were assigned to ISPs. So infected windows systems are most likely to be
the culprits.

Every ssh server I have sees a continual stream of dictionary cracking
attempts all from the timings apparently robots.

fedora-list mailing list
To unsubscribe:

Relevant Pages

  • RE: Reflexive firewalls?
    ... And yep, it is feasible with iptables, but you will need a small script to open the ssh port after the telnet knock ... ... Don't have any idea with iptables. ... I've recently used an SSH server that had an interesting ...
  • Re: a GOOD idea to harden OpenSSH!
    ... a GOOD idea to harden OpenSSH! ... if a user wants to connect to an ssh server then he have to ... then he can write his passphare. ... This can already be similarly done using iptables, ...