Home > slashdot > Coping With 1 Million SSH Authentication Failures?

Coping With 1 Million SSH Authentication Failures?

March 6th, 2010 03:51 admin Leave a comment Go to comments

An anonymous reader writes “I own a small Web development studio that specializes in open source software, primarily Drupal, WordPress, and Joomla for small businesses. Our production servers, which host about 50 sites and generate ~20K hits/week, are managed by a 3rd party that I’m sure many on Slashdot would recognize. Earlier today I was researching some problems on one of our sites and found that there have been over 1 million SSH authentication failures from ~1200 IP addresses on one of our servers over the last year. I contacted the ISP, who had promised me that server security would be actively managed, and their recommendation was, ‘change the SSH port!’ Of course this makes sense and may help to an extent, but it still doesn’t solve the problem I’m facing: how do you manage server security on a tight budget with literally no system admin (except for me and I know I’m a n00b)? User passwords are randomly generated, we use a non-standard SSH port, and do not use any unencrypted services such as FTP. Is there a server monitoring program you would recommend? Is there an ISP or Web-based service that specializes in this?”

Source: Coping With 1 Million SSH Authentication Failures?

Related Articles:

  1. Ubisoft’s Authentication Servers Go Down
  2. Trivial Bypass of PayPal Two-Factor Authentication On Mobile Devices
  3. JP Morgan Breach Tied To Two-Factor Authentication Slip
  4. Heartbleed Bug Exploited Over Extensible Authentication Protocol
  5. CloudPassage Raises $6.5 Million For Cloud Server Security Software
blog comments powered by Disqus