I’ve noticed that here lately my SSH server has had an increasing number of hackers trying to log in.  Mostly they’re from the APNIC (Asia-Pacific) region, but a fair number from other regions (include North America) as well.

Since I have no plans to travel abroad in the near future I went ahead and blocked out all IP addresses registered through any registrar except ARIN, and I also added several hosting companies that seem to to have customers that either don’t secure their servers well or they themselves launch cyber attacks.

It’s generally a good idea to make sure that any server that can be used to gain entry to your network is as secure and limited as possible.  Obviously you don’t want to go overboard and make it impossible for you to do what you need with relative ease; but that said, you don’t want to make it easy for others to do things to your computers.

Originally posted 2010-01-25 01:00:43.