blacklisting failed ssh attempts

Charles Ulrich charles at idealso.com
Thu Dec 2 06:52:51 PST 2004


Josh Paetzel said:
> This may or may not help you, but I generally firewall ssh so that
> only known addresses can get in.  (whitelisting as opposed to
> blacklisting)

Thanks for the tip. We actually do this on some of our servers, but this is a
web server that we need to get to quickly should it stop working. It's looking
like I might just put ssh on a non-standard port and think about an IDS if
there these kind of attacks continue.

-- 
Charles Ulrich
Ideal Solution, LLC - http://www.idealso.com



More information about the freebsd-questions mailing list