How to deal with SSHD invalid user XXXX from www.xxx.yyy.xxx
Is there an easy way to deal with these type of messages
Sep 24 20:43:53 blackdog sshd[10723]: Invalid user user1 from 210.221.154.12
Sep 24 20:43:56 blackdog sshd[10725]: Invalid user user1 from 210.221.154.12
Sep 24 20:43:59 blackdog sshd[10727]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:02 blackdog sshd[10729]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:05 blackdog sshd[10731]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:08 blackdog sshd[10733]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:10 blackdog sshd[10735]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:13 blackdog sshd[10737]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:16 blackdog sshd[10739]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:19 blackdog sshd[10741]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:22 blackdog sshd[10743]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:25 blackdog sshd[10745]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:28 blackdog sshd[10747]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:31 blackdog sshd[10749]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:34 blackdog sshd[10751]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:37 blackdog sshd[10753]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:39 blackdog sshd[10755]: Invalid user user1 from 210.221.154.12
Sep 24 20:44:42 blackdog sshd[10757]: Invalid user user1 from 210.221.154.12
Sometimes there are a whole slew of users with different IP addresses.
What I would like is to ensure I'm the ONLY person who can access this box. I leave it on as I access it via SSH and a tunnel (for VNC) so I can access it remotely from work.
I'm afraid I don't have too much knowledge on security etc --I've password protected drives and directories and ensure you can't logpon as root remotely but I'm not certain what else I need to do..
Any help or references --greatly appreciated
Cheers
-K
|