SSH attacks, again!
I am too lazy to install fail2ban to protect my ssh daemon against bad boys. In, addition, I have been raised to minimize reliability on applications when a one-liner or a few-lines script would do all or part of the work. Yesterday, I decided to turn on my home's sshd and make it accessible from outside, so that whenever I need something while at work I would ask some one just to turn on my laptop. I did, and the bad Chinese boys were too quick that they started attacking my poor daemon. They were trying users like: root, oracle, backup, postgres, www, test, kylix, info. So far, there is only one attacking IP which is: 58.68.150.174 So, I hopped for: 1- denying remote root login (Yes, I am a lazy sysadmin! Should have done this earlier) and 2- updating my counter-ssh-attacks script as follows (P.S. I have removed explanatory comments): #! /bin/bash RETVAL=0 secure='/var/log/secure' file='/tmp/counter-ssh' deny='/etc/hosts.deny' #grep "Did
