Thousands of ssh probes
Programmer In Training
pit at joseph-a-nagy-jr.us
Fri Mar 5 13:04:25 UTC 2010
On 03/05/10 06:54, John wrote:
> My nightly security logs have thousands upon thousands of ssh probes
> in them. One day, over 6500. This is enough that I can actually
> "feel" it in my network performance. Other than changing ssh to
> a non-standard port - is there a way to deal with these? Every
> day, they originate from several different IP addresses, so I can't
> just put in a static firewall rule. Is there a way to get ssh
> to quit responding to a port or a way to generate a dynamic pf
> rule in cases like this?
Can you not deny all ssh attempts and then allow only from certain,
trusted IPs?
--
Yours In Christ,
PIT
Emails are not formal business letters, whatever businesses may want.
Original content copyright under the OWL http://owl.apotheon.org
Please do not CC me. If I'm posting to a list it is because I am subscribed.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20100305/196f4d77/signature.pgp
More information about the freebsd-questions
mailing list