Semi-Newbie, first-time poster here...
I manage a linux server that faces the public Internet. Every day there are thousands-upon-thousands of SSH login attempts on the "root" account (40,000 in the last several days). Within that sample are about 600 unique IPs that are attempting to brute-force my root account. Most of these IPs are on separate subnets. Almost all of the IPs are from outside my country (U.S.).
For various reasons I have chosen not to disable SSH login on this server. I...
Read more
I manage a linux server that faces the public Internet. Every day there are thousands-upon-thousands of SSH login attempts on the "root" account (40,000 in the last several days). Within that sample are about 600 unique IPs that are attempting to brute-force my root account. Most of these IPs are on separate subnets. Almost all of the IPs are from outside my country (U.S.).
For various reasons I have chosen not to disable SSH login on this server. I...
Read more