by pert 6180 days ago
I'd say the single most important thing that you've mentioned there is 'logcheck'. If you can remove all of the login spam (by moving ssh to a non-default port for example), then watching your logs becomes a reasonable task and will alert you to any specifically targeted attacks.