Date: Fri, 05 Mar 2010 14:34:45 +0100 From: Leslie Jensen <leslie@eskk.nu> To: John <john@starfire.mn.org>, freebsd-questions@freebsd.org Subject: Re: Thousands of ssh probes Message-ID: <4B910875.6070403@eskk.nu> In-Reply-To: <20100305125446.GA14774@elwood.starfire.mn.org> References: <20100305125446.GA14774@elwood.starfire.mn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2010-03-05 13:54, John wrote: > My nightly security logs have thousands upon thousands of ssh probes > in them. One day, over 6500. This is enough that I can actually > "feel" it in my network performance. Other than changing ssh to > a non-standard port - is there a way to deal with these? Every > day, they originate from several different IP addresses, so I can't > just put in a static firewall rule. Is there a way to get ssh > to quit responding to a port or a way to generate a dynamic pf > rule in cases like this? I use the pf firewall with sshguard. You'll see from the daily security how well it blocks :-) /Leslie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B910875.6070403>