Thousands of ssh probes
John
john at starfire.mn.org
Fri Mar 5 12:54:47 UTC 2010
My nightly security logs have thousands upon thousands of ssh probes
in them. One day, over 6500. This is enough that I can actually
"feel" it in my network performance. Other than changing ssh to
a non-standard port - is there a way to deal with these? Every
day, they originate from several different IP addresses, so I can't
just put in a static firewall rule. Is there a way to get ssh
to quit responding to a port or a way to generate a dynamic pf
rule in cases like this?
--
John Lind
john at starfire.MN.ORG
More information about the freebsd-questions
mailing list