The world is full of bad people trying to get into your Linux server (type lastb as root to find out a little more.. it may take a while, but it'll give you a list of bad logins.. the usernames they tried, the ips they're coming from, etc..).
So - you need to catch and block these people, then let others know about it. While we're at it, we'll download a list of ips that others have found trying to log into their servers.. install DenyHosts.
Then use yum to install denyhosts as shown above..
After it's installed, add your ip address to /etc/hosts.allow so we don't get locked out ALL: 209.xx.xx.xx ALL: 209.xx.xx.xx ALL: 72.xx.xx.xx ALL: 71.xx.xx.xx
Edit the denyhosts.cfg located in /etc/denyhosts/ and configure it to your liking. Here are things that we've edited in the past: ADMIN_EMAIL = hosting@iqnection.com, rkennedy@iqnection.com BLOCK_SERVICE = ALL SYNC_SERVER = http://xmlrpc.denyhosts.net:9911 SYNC_INTERVAL = 1h SYNC_UPLOAD = yes SYNC_DOWNLOAD = yes DENY_THRESHOLD_ROOT = 3
Edit the WORK_DIR/allowed-hosts file and add these lines: (WORK_DIR is sometimes /var/lib/denyhosts/) # Don't block office Fios or comcast lines 72.xx.xx.xx 71.xx.xx.xx # Don't block nagios box 209.xx.xx.xx # Don't block keyserver 209.xx.xx.xx
