Chris Green chris@areti.co.uk writes:
Tim Green wrote:
Chris Green chris@areti.co.uk wrote:
In the real world how vulnerable will these two be? Will I get incessant hacking at the open SSH port on the ipCop box trying to guess the password or will it just be the occasional port scan? Assuming the password is secure enough (i.e. unguessable enough and not published on the internet somewhere) will I be basically OK?
Just looking back in auth.log, I can see "61.166.6.60" in China tried to guess my root password 3 times at 23:43 last night and again at 06:58 this morning. Last week there were 8 attempts from Germany, Korea and China.
Thanks, that's just the sort of thing I wanted to know. So a good secure password should do most of what I need.
If you can use public key authentication instead of a password that'd probably improve matters further.