Hey dudes, got a couple of SSH brute force attempts over the last few days. I opened up port 22 so I could SSH from work. I had three seperate attempts, could be sniffers, but I was using Bittorrent at the time so it may just have been chancers. Thing is, I don't particularly want ot have to shutdown SSH (it is temporarily), don't see that I should have to. So any recommendations? What should I be doing, and apart from /var/log and the various .bash_history filesis there anything I should check to see if I'm compromise.
Gonna put on my rootkithunter again, hadn't put it on since I last upgraded. Any help appreciated guys. In fact here's your bananas in advance.... :banana: