If you run SSH ![[WikiPedia]](http://www.mikeyp.com/css/external.gif)
to allow secure remote logins to your server, you've probably noticed a big increase in unauthorized attempted logins. My main Linux box at home has been "under attack" nearly every day for the past 9 or 10 months. There is an article over on whitedust.net describing the situation, with a follow-up link describing some security solutions.
Nearly all of the unauthorized login attempts are coming from IP addresses in mainland China. It is a really weird sensation to know that Chinese hackers are trying to log in to a computer right here in my home office.
My system hasn't been breached, as I disallow root-level account remote logins and restrict user-level logins to a single account. However, since it still sucks to see log files fill up with unauthorized login attempts, I reconfigured the public SSH port on my router to a rarely used port. That simple change has, so far, deflected any further attacks.
