January 20, 2005
A Cure for the Common SSH Login Attack
Jon Scully writes "After setting up a Linux firewall/router for a client, I noticed that, within 30 minutes, the log files had started filling up with messages of failed ssh login attempts. The attacks were originating from several IP addresses at once. The usernames were common -- apache, admin, john, etc. This was getting to be real annoying. All of our Internet-exposed Linux boxes were being hit, several times a day. I felt compelled to find a solution."