You are reading a single comment by @Velocio and its replies.
  • Scripts attack SSH using dictionary attacks against common usernames in the hope that they gain access because of weak passwords. Once they've gained access they can usually attempt to use known flaws in older versions to try and elevate their privileges to take over the server. Once they've done that they have a nice untraceable method of sending lots of spam or spyware, etc. They don't care about what is on the server, they just want another server to add to their numbers to have an increase in capacity to do things like spam.

    So long as your passwords are strong, you run SSH on a non-standard port and you jail shell all accounts and stick to using sudo or su and never log in as root and keep all software up to date as well as block traffic from those who attempt to attack your server... you're fine.
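
An added example, not part of @Velocio's comment: a detection sketch for the dictionary attacks described above, which reads sshd log lines, counts failed password attempts per source address, and lists addresses worth blocking. The log lines are constructed samples in OpenSSH's syslog format, and the thresholds and function names are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
Jan 10 03:14:01 host sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 10 03:14:03 host sshd[2101]: Failed password for invalid user test from 203.0.113.7 port 40114 ssh2
Jan 10 03:14:05 host sshd[2103]: Failed password for root from 203.0.113.7 port 40120 ssh2
Jan 10 03:14:08 host sshd[2105]: Failed password for invalid user oracle from 203.0.113.7 port 40131 ssh2
Jan 10 03:20:44 host sshd[2140]: Failed password for alice from 198.51.100.23 port 51822 ssh2
Jan 10 03:20:52 host sshd[2140]: Accepted password for alice from 198.51.100.23 port 51822 ssh2
Jan 10 03:31:10 host sshd[2177]: Failed password for root from 192.0.2.50 port 33001 ssh2
"""

# Matches both "Failed password for bob" and "Failed password for invalid user bob".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def summarize(log_text):
    """Return {ip: {"failures": n, "users": set}} for failed password logins."""
    stats = defaultdict(lambda: {"failures": 0, "users": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            entry = stats[m["ip"]]
            entry["failures"] += 1
            entry["users"].add(m["user"])
    return dict(stats)

def block_candidates(log_text, max_failures=3, max_users=2):
    """IPs that look like dictionary attacks: many failures or many usernames.

    The thresholds are illustrative assumptions; tune them to your own traffic.
    """
    return sorted(
        ip for ip, s in summarize(log_text).items()
        if s["failures"] > max_failures or len(s["users"]) > max_users
    )

def root_attempts(log_text):
    """IPs that tried to authenticate as root, which should never be a valid login."""
    return sorted(ip for ip, s in summarize(log_text).items() if "root" in s["users"])

if __name__ == "__main__":
    print("block:", block_candidates(SAMPLE_LOG))
    print("root attempts from:", root_attempts(SAMPLE_LOG))
```

A single mistyped password from a legitimate user (198.51.100.23 in the sample) stays below both thresholds, while the address cycling through common usernames is flagged.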
