blacklisting failed ssh attempts
Charles Ulrich
charles at idealso.com
Thu Dec 2 06:52:51 PST 2004
Josh Paetzel said:
> This may or may not help you, but I generally firewall ssh so that
> only known addresses can get in. (whitelisting as opposed to
> blacklisting)
Thanks for the tip. We actually do this on some of our servers, but this is a
web server that we need to get to quickly should it stop working. It's looking
like I might just put ssh on a non-standard port and think about an IDS if
there these kind of attacks continue.
--
Charles Ulrich
Ideal Solution, LLC - http://www.idealso.com
More information about the freebsd-questions
mailing list