Who's goes there?

[movieman]

I was wondering , you guys seem to be in the know. Should i be worried if i got 3 ssh attempts on my linux box and all were blocked by firewall -- firestarter gui -- ? thanks in advance

Not really; ssh port scans are common for any machine that's connected to the Internet. If they've been blocked by the firewall, there's not much else you can do other than block them with a hardware firewall before they even reach your server.

If you do want ssh visible over the Internet, you should set it to a non-standard port so script kiddies won't find it; determined hackers will obviously try scanning all ports and find it eventually anyway, but most will just scan for machines with ssh on the default port and then try to break into those by looking for weak passwords. Ideally, disable password login entirely and use 2048+ bit RSA keys instead.

[jmore9]

oj thanks for the info

[Fate Reconciled]

As long as SSH isn't open it shouldn't matter.

[Fate Reconciled]

Alright. I got the exact answer I was looking for here. I've pretty much figured out what has to be done at this point. With legalities and the fact this is a hypothetical situation in mind.

Thanks guys!