<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<br>
<br>
Tim Evans wrote:
<blockquote
cite="mid:34082.199.173.225.25.1210850595.squirrel@tkevans.com"
type="cite">
<pre wrap="">Scott van Looy wrote:
</pre>
<blockquote type="cite">
<pre wrap="">So I ran
iptables -A INPUT -s 193.239.125.119 -j DROP
</pre>
</blockquote>
<pre wrap=""><!---->
This is likely a losing battle, as you'll never be able to keep adding
rules for individual IP's.
You can, however, configure iptables to *allow* only a specified list of
IP addresses (i.e., the ones you approve of).
You should also configure sshd to allow only a specified list of users.
man sshd_config for details.
If this is not manageable, take a look at denyhosts
(<a class="moz-txt-link-freetext" href="http://denyhosts.sourceforge.net/">http://denyhosts.sourceforge.net/</a>)
</pre>
</blockquote>
These are script kiddies. Changing ssh to a non standard port instead
of the default 22 will also eliminate the attacks. This is useful if
your users move around and have different ip's.<br>
<br>
<br>
</body>
</html>