Quote:
|
Originally Posted by KevinH Just block the IP at your firewall. |
I think you may wind up adding ALOT of IPs to your firewall rules. I noticed ssh probes as soon as I had my Zimbra machine up on the Internet... from many different IPs. Almost all of them looked like automated (scripted) ssh probes. They would try name, after name, after name for ssh.
Two suggestions.
1) Rather than block IPs, have a default rule of DENY in your firewall. Then, add ALLOW rules for only those IPs that you want. All other IPs are dropped on the floor.
2) Add "AllowUsers
yourname " to your sshd_config file. So, even if they get through your firewall, and even if they have an account on your zimbra machine, only
yourname will be allowed to make a ssh connection.
Mike
North Idaho Eye Institute