Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Disable ssh access for password-guessing bots' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Disable ssh access for password-guessing bots
Authored by: eagle on Oct 11, '08 11:02:07AM

Another solution is to enable SSH access from only those networks that need it.

The entire world can access my web server, but you need to be coming from one of a handful of source IP subnets in order to even hit my SSH port. Now, of course, there could still be bots on those networks, but that hasn't been my experience. And, yes, I watch my log daily.

---

Another option: disable IPv4 SSH altogether. If you're behind a router, this is easy. And, with a properly configured router, Back To My Mac still works for inbound IPv6 SSH.



[ Reply to This | # ]