Slowing Down SSH Authentication Attempts
I finally found a nice and simple way to slow down the thousands of SSH probes I get every day without changing the port number (though that’s only because I’m too lazy to remember to set the port number to connect to). This article on Using iptables to rate-limit incoming connections pretty much gives a good copy / paste solution that I threw in and quickly tested, and it works as advertised.
Hopefully now the numbers from logwatch will go down a bit. I got 11,000 thursday, followed closely by 20,000 on monday. They must really like me!