Date: Thu, 2 Dec 2004 09:32:51 -0500 (EST) From: "Charles Ulrich" <charles@idealso.com> To: "Josh Paetzel" <josh@tcbug.org> Cc: questions@freebsd.org Subject: Re: blacklisting failed ssh attempts Message-ID: <48465.24.11.146.21.1101997971.squirrel@24.11.146.21> In-Reply-To: <200412011204.10599.josh@tcbug.org> References: <43711.24.11.146.21.1101922894.squirrel@24.11.146.21> <200412011204.10599.josh@tcbug.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Josh Paetzel said: > This may or may not help you, but I generally firewall ssh so that > only known addresses can get in. (whitelisting as opposed to > blacklisting) Thanks for the tip. We actually do this on some of our servers, but this is a web server that we need to get to quickly should it stop working. It's looking like I might just put ssh on a non-standard port and think about an IDS if there these kind of attacks continue. -- Charles Ulrich Ideal Solution, LLC - http://www.idealso.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48465.24.11.146.21.1101997971.squirrel>