After a long battle with technology, Erich Newell wrote:
[ botnets, ssh brute force attacks, etcetera ]
> I recommend Single Packet Authentication or Port Knocking for use in
> conjunction with your SSH service.

Port knocking is really useful, but you need to have something on the remote 
client that can send the knock sequences--knock or netcat or even telnet.  
This may or may not be easy, depending on what the remote client is.  So I 
have my sshd listening on 22 and a non-standard port.  22's blocked off with 
iptables/knockd.  The non-standard port is not.  I haven't seen any 
brute-force ssh attacks in the last 3 weeks according to the logs.

-- 
   Really, I'm not out to destroy Microsoft.  That will just be a
   completely unintentional side effect.  --Linus Torvalds
  My blog and resume: http://crow202.dyndns.org:8080/wordpress/
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss