Week 1 Hosting SSHD - Gee Whiz Security Stats

I installed the 8.0 version of FreeBSD this week in a VirtualBox image, and I thought that it would be fun to let some of my friends use it as a web server test bed.  I therefore setup an SSH server and hardened it using some of the recommendations from this web page: - Securing OpenSSH

Specifically, I set the following properties: - I explicitly turned off root logins. This is the default on FreeBSD, and it should be the default on every Linux and Unix server (even though it isn't). - I deny access to anyone using the SSH 1 protocol. - I turned off password authentication.  Instead, anyone who logs in has to use keypair authentication.

With all of these settings, I feel like my SSH server is safe enough.  However, I was curious to see if anyone had actually tried to crack it.  I mean, it's only been up for 3 days.  The bad robots of the Internet could not have possibly found my little SSH garden in the shade, right? A quick look at /var/log/auth.log brings me back to Earth.  To my surprise, their have already been hundreds of attempted logins from multiple sources.  Here's the statistics related to people who are trying to crack my SSH server.  Remember, this server is 3-days old. - *865*failed login attempts - *281*unique login names - Some of the names are fairly comical (12345?), and many of them are very uncommon (Agatha?).

I can't help but compare any publicly-available, networked service to a car that is parked in the middle of a city containing a billion people.  No matter how small and obscure your car is, you can't afford to park it without locking your doors.

Last Updated .