Thousands of ssh probes
Leslie Jensen
leslie at eskk.nu
Fri Mar 5 13:34:54 UTC 2010
On 2010-03-05 13:54, John wrote:
> My nightly security logs have thousands upon thousands of ssh probes
> in them. One day, over 6500. This is enough that I can actually
> "feel" it in my network performance. Other than changing ssh to
> a non-standard port - is there a way to deal with these? Every
> day, they originate from several different IP addresses, so I can't
> just put in a static firewall rule. Is there a way to get ssh
> to quit responding to a port or a way to generate a dynamic pf
> rule in cases like this?
I use the pf firewall with sshguard. You'll see from the daily security
how well it blocks :-)
/Leslie
More information about the freebsd-questions
mailing list