<div>
Thanks guys. &nbsp;I think I'm gonna just limit the ssh access to the 2 places I ever connect. &nbsp;Sounds like that's my best bet. :) 
</div>


Thanks guys.  I think I'm gonna just limit the ssh access to the 2 places I ever connect.  Sounds like that's my best bet. :)

<div>
Think so. There should be a lot less attempts then.
</div>


Think so. There should be a lot less attempts then.

<div>
<div class="content wysiwyg-content">
Hello,<br />
I have linux server running CentOS, Apache, mySQL.<br />
I have an external Cisco firewall, and I currently connect to my server via SSH or Plesk 9.<br />
<br />
I have recently reviewed several 'logwatch' emails sent to me from my server. &nbsp;The content of these emails is beginning to worry me. &nbsp;There are over a hundred unauthorized attempts at accessing my server with usernames anywhere from 'Bob' to 'madman86'. &nbsp;I am the ONLY person who even knows about my server, so I'm wondering if these are hacking attempts? &nbsp;If so, is this normal? Is this something I should worry about? What is the best safeguard against these 'attempts'?
</div>
</div>


Hello,
I have linux server running CentOS, Apache, mySQL.
I have an external Cisco firewall, and I currently connect to my server via SSH or Plesk 9.

I have recently reviewed several 'logwatch' emails sent to me from my server.  The content of these emails is beginning to worry me.  There are over a hundred unauthorized attempts at accessing my server with usernames anywhere from 'Bob' to 'madman86'.  I am the ONLY person who even knows about my server, so I'm wondering if these are hacking attempts?  If so, is this normal? Is this something I should worry about? What is the best safeguard against these 'attempts'?

Logwatch beginning to worry me ?

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

The Linux operating system, in all its flavors, has its own share of security flaws that allow intrusions, but there are various mechanisms by which these flaws can be removed, generally divided into two parts: authentication and access control. Authentication is responsible for ensuring that a user requesting access to the system is really the user with the account, while access control is responsible for controlling which resources each account has access to and what kind of access is permitted.