Re: SSH attacks?

["alann lopes" <alann () ucsd edu>]

On Fri, 30 Jul 2004 07:16:52 EDT, M Shirk said:

> > If possible, change your SSHD port as
> > discussed in which you will avoid any
> > of these types of scans.


On Fri, July 30, 2004 1:51 PM, Valdis.Kletnieks said:

> Or even better, use iptables/ipf/whatever to
> restrict what hosts can connect, if you can.  If
> you know that a connection should only be from
> within the subnet, throw in a ruleset to allow
> that, and then a deny for everybody else.

I agree with Valdis... I've found this methodology
very useful over the years.  And to deal with
clients from dynamic IPs, about 5 years ago
I wrote a few scripts and a web interface
that allows these remote users to register
their dynamic IPs by authenticating themselves
against a pop server using APOP.  The web
connection is SSLed. It has worked extremely
well for years for both myself and a few other
folks here on campus.

cheers,

alann