My secured box

OK!...
IPTables rules for SSH blockage demanded a shitload of CPU time, so now I'm back to using the perl app BlockSSHD. It's a hastle to compile requisites for, and compile itself, but it's worth it for the extra CPU idle-time I get in return. Damn...

Also, I decided I'm discontinuing the usage of PubKey authorization. It just exhausted the crappy wireless router I've set up to handle my SSH sessions, allthough using the 'ServerAliveInterval' option in SSH did help to keep the connections alive, the router did not handle the overhead that well. Since the router in question does not incorporate the option to flash the firmware with less memory-demanding software, this is the only option I had left.


...After testing this case-setup from work, I think I'll stick with it. It doesn't generate any overhead over the wireless connection according to my measurements, and it doesn't put the CPU under heavy strain at all. Thus my conclusion:

IF IT WORKS, DON'T FIX IT!