Ataques contra ssh

To: debian-user-portuguese@lists.debian.org
Subject: Ataques contra ssh
From: Erick <debianizer@gmail.com>
Date: Sat, 11 Feb 2006 19:22:25 -0200
Message-id: <[🔎] 680ef8040602111322t6aae2619h@mail.gmail.com>

Boa noite pessoal,
instalei um servidor ssh ha algum tempo no PC de casa, e percebi
algumas entradas no /var/log/auth.log como essas:

Nov 25 14:24:47 localhost sshd[2611]: Illegal user test from 82.77.21.170
Nov 25 14:25:39 localhost sshd[2642]: Illegal user tester from 82.77.21.170
Nov 25 14:26:32 localhost sshd[2672]: Illegal user testing from 82.77.21.170
Nov 25 14:27:17 localhost sshd[2704]: Illegal user guest from 82.77.21.170
Nov 25 14:28:00 localhost sshd[2732]: Illegal user account from 82.77.21.170
Nov 27 01:32:44 localhost sshd[1583]: Illegal user a from 69.164.235.110
Nov 27 01:32:47 localhost sshd[1586]: Illegal user b from 69.164.235.110
Nov 27 01:32:49 localhost sshd[1589]: Illegal user c from 69.164.235.110
Dec 4 20:29:36 localhost sshd[1624]: Illegal user demo from 211.100.33.142
Dec 4 20:30:30 localhost sshd[1646]: Illegal user admin from 211.100.33.142
Dec 4 20:31:49 localhost sshd[1678]: Illegal user student from 211.100.33.142
Dec 20 13:43:46 localhost sshd[2353]: Illegal user clark from 200.162.80.236

Isso me parece aqueles programinhas que varrem a Internet atras de portas abertas
e depois tentam um ataque de brute-force. Minha duvida é se eu deveria me preocupar com isso.
Trocar a porta padrao [22] diminui ou evita totalmente esse tipo de ataque 'ás cegas' ?

Obrigado

Reply to:

Follow-Ups:
- Re: Ataques contra ssh
  - From: "Fabio Guerrazzi" <linux@fg.med.br>
- Re: Ataques contra ssh
  - From: "Luiz Fernando Oliveira Silva" <lufeoslinux@bol.com.br>

Prev by Date: Re: Samba
Next by Date: Problemas com upload usando CBQ
Previous by thread: Leia antes de APAGAR
Next by thread: Re: Ataques contra ssh
Index(es):
- Date
- Thread