Date: Fri, 5 Mar 2010 08:12:52 -0500 From: Robert Huff <roberthuff@rcn.com> To: John <john@starfire.mn.org> Cc: freebsd-questions@freebsd.org Subject: Thousands of ssh probes Message-ID: <19345.852.647315.197426@jerusalem.litteratus.org> In-Reply-To: <20100305125446.GA14774@elwood.starfire.mn.org> References: <20100305125446.GA14774@elwood.starfire.mn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
John writes: > My nightly security logs have thousands upon thousands of ssh > probes in them. One day, over 6500. This is enough that I can > actually "feel" it in my network performance. Other than > changing ssh to a non-standard port - is there a way to deal with > these? Every day, they originate from several different IP > addresses, so I can't just put in a static firewall rule. Is > there a way to get ssh to quit responding to a port or a way to > generate a dynamic pf rule in cases like this? There are several solutions in the ports system; I use security/denyhosts. Robert Huff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19345.852.647315.197426>