From owner-freebsd-questions@FreeBSD.ORG Tue Nov 4 11:54:44 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E748972E for ; Tue, 4 Nov 2014 11:54:44 +0000 (UTC) Received: from outbound.ifdnrg.com (outbound.ifdnrg.com [193.200.98.38]) by mx1.freebsd.org (Postfix) with ESMTP id 8A50D26E for ; Tue, 4 Nov 2014 11:54:43 +0000 (UTC) Received: from [192.168.1.11] (host-78-148-104-204.as13285.net [78.148.104.204]) (authenticated bits=0) by outbound.ifdnrg.com (8.14.9/8.14.5) with ESMTP id sA4BZjUv091614 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Tue, 4 Nov 2014 11:35:46 GMT (envelope-from paul@ifdnrg.com) X-Authentication-Warning: outbound.ifdnrg.com: Host host-78-148-104-204.as13285.net [78.148.104.204] claimed to be [192.168.1.11] Message-ID: <5458BA0F.3010008@ifdnrg.com> Date: Tue, 04 Nov 2014 11:35:43 +0000 From: Paul Macdonald User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: sshguard pf References: <20141102154444.GA42429@ymer.thorshammare.org> <54581F0E.4080404@a1poweruser.com> <20141104110202.GA37003@ymer.thorshammare.org> In-Reply-To: <20141104110202.GA37003@ymer.thorshammare.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2014 11:54:45 -0000 On 04/11/2014 11:02, Hasse Hansson wrote: > Thank you Fbsd8 for your answer. > I'm aware of changing port for ssh, but I see it as a little bit of "givingup" > Gotta be some rather easy way of just blocking those attacks. Other than blocking > whole of CN and half of Asia. I've tried that too. It stopped the attacks and gave > me some room to think it over. the easy IS to change your ssh port, seriously it'll all just go away -- ------------------------- Paul Macdonald IFDNRG Ltd Web and video hosting ------------------------- t: 0131 5548070 m: 07970339546 e: paul@ifdnrg.com w: http://www.ifdnrg.com ------------------------- IFDNRG 40 Maritime Street Edinburgh EH6 6SA ---------------------------------------------------- High Specification Dedicated Servers from £100.00pm ----------------------------------------------------