MikeyP.com MikeyP.com

SSH Hacker Attacks

If you run SSH [WikiPedia] to allow secure remote logins to your server, you've probably noticed a big increase in unauthorized attempted logins. My main Linux box at home has been "under attack" nearly every day for the past 9 or 10 months. There is an article over on whitedust.net describing the situation, with a follow-up link describing some security solutions.

Nearly all of the unauthorized login attempts are coming from IP addresses [WikiPedia] in mainland China. It is a really weird sensation to know that Chinese hackers are trying to log in to a computer right here in my home office.

My system hasn't been breached, as I disallow root-level account remote logins and restrict user-level logins to a single account. However, since it still sucks to see log files fill up with unauthorized login attempts, I reconfigured the public SSH port on my router to a rarely used port. That simple change has, so far, deflected any further attacks.

Read more stories like this one...