Re: I'm getting attacked

On Fri, 16 Feb 2007 10:52:00 +0000 (UTC), Damian 'legion' Szuberski wrote:
On 2007-02-14, jsuthan wrote:
I keep getting logs like these - the x is there to protect the guilty:

Jan 16 05:37:47 penguin sshd[16174]: Invalid user guest from
Jan 16 05:37:50 penguin sshd[16176]: Invalid user master from
Jan 16 05:37:53 penguin sshd[16178]: Invalid user apache from
Jan 16 05:38:15 penguin sshd[16199]: Invalid user admin from

Can someone give me advice about what I should do about it? One idea is
to move the ssh port to something besides the default. But really I'm
not sure. Please help.
give attacker some work .. example switch you default ssh port 22 to 44
or something else. Doing this attacker need to sniff out which port your
ssh assign to. You also can enable tcpd features; this library enforces
system to strict network connectivity. Checkout man page for host.allow
and host.deny. Finally something very important learn to use iptables;
prime linux security.

One more advice how to obtain security through obscurity?

Turn off your computer,
There's nothing more obscure that a power-down computer.