To anyone that has had to deal with this issue, I feel you. I can recall less than 2 years ago how an SSH brute force attempt, our preventive/corrective actions, and their response (a weak DoS attempt) triggered a change in our internal process regarding SSH access to the outside world.
There was a fairly detailed write up on Security Focus earlier this week that describes someone else attacking the same issue we faced. While there are various ways to address the situation one thing is clear. We are never alone in this fight and as long as we can freely share our experiences and knowledge we can only grow in our understanding and ability to fight off these types of attacks (or conduct them depending on where you stand).
Advertisements
