From owner-freebsd-questions@FreeBSD.ORG  Fri Mar  5 15:52:23 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id ADB2C106566C
	for <freebsd-questions@freebsd.org>;
	Fri,  5 Mar 2010 15:52:23 +0000 (UTC)
	(envelope-from merlyn@stonehenge.com)
Received: from blue.stonehenge.com (blue.stonehenge.com [209.223.236.162])
	by mx1.freebsd.org (Postfix) with ESMTP id 8AD0C8FC17
	for <freebsd-questions@freebsd.org>;
	Fri,  5 Mar 2010 15:52:23 +0000 (UTC)
Received: by blue.stonehenge.com (Postfix, from userid 1001)
	id EE6BC1DE27D; Fri,  5 Mar 2010 07:51:52 -0800 (PST)
To: John <john@starfire.mn.org>
References: <20100305125446.GA14774@elwood.starfire.mn.org>
	<4B910139.1080908@joseph-a-nagy-jr.us>
	<20100305132604.GC14774@elwood.starfire.mn.org>
	<1108389354.20100305154152@sng.by>
	<861vfy6add.fsf@blue.stonehenge.com>
	<20100305154654.GB17456@elwood.starfire.mn.org>
From: merlyn@stonehenge.com (Randal L. Schwartz)
x-mayan-date: Long count = 12.19.17.2.18; tzolkin = 9 Etznab; haab = 16 Kayab
Date: Fri, 05 Mar 2010 07:51:52 -0800
In-Reply-To: <20100305154654.GB17456@elwood.starfire.mn.org>
	(john@starfire.mn.org's message of "Fri,
	5 Mar 2010 09:46:54 -0600")
Message-ID: <86sk8e4vhj.fsf@blue.stonehenge.com>
User-Agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: freebsd-questions@freebsd.org,
	Programmer In Training <pit@joseph-a-nagy-jr.us>, Anton <anton@sng.by>
Subject: Re: Thousands of ssh probes
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Mar 2010 15:52:23 -0000

>>>>> "John" == John  <john@starfire.mn.org> writes:

John> Yes - that's exactly what I used to do, and exactly why I used to do
John> it, but now I'm thinking of actually implement https.

Rent more than one IP. :)  I have a block of 8 for exactly that reason.

It allows me to run sshd on 443 *and* https on a different 443,
and a mailer on one 25 and a high-mx mail spamtrap on another port 25.

  stonehenge.com mail is handled by 5 blue.stonehenge.com.
  stonehenge.com mail is handled by 666 spamtrap.stonehenge.com.

The spamtrap is a shiny object for spam, and anything that goes there gets
blocked for an hour from hitting the low port.  I presented this at a
conference once.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion