sshd attacks
I've been getting attacks against my sshd server:
Failed logins from these: admin/password from 12.47.62.139: 2 Time(s) admin/password from 134.21.2.227: 2 Time(s) guest/password from 12.47.62.139: 1 Time(s) guest/password from 134.21.2.227: 1 Time(s) guest/password from 210.1.9.227: 1 Time(s) guest/password from 61.193.179.162: 1 Time(s) root/password from 12.47.62.139: 3 Time(s) root/password from 134.21.2.227: 3 Time(s) test/password from 12.47.62.139: 2 Time(s) test/password from 134.21.2.227: 2 Time(s) test/password from 210.1.9.227: 1 Time(s) test/password from 61.193.179.162: 1 Time(s) user/password from 12.47.62.139: 1 Time(s) user/password from 134.21.2.227: 1 Time(s)
If you have one of these common accounts, shut off logins from them:
## lines added to /etc/ssh/sshd_config PermitRootLogin no DenyUsers admin guest test user ## EOF