Thousands of ssh probes

Programmer In Training pit at
Fri Mar 5 13:04:25 UTC 2010

On 03/05/10 06:54, John wrote:
> My nightly security logs have thousands upon thousands of ssh probes
> in them.  One day, over 6500.  This is enough that I can actually
> "feel" it in my network performance.  Other than changing ssh to
> a non-standard port - is there a way to deal with these?  Every
> day, they originate from several different IP addresses, so I can't
> just put in a static firewall rule.  Is there a way to get ssh
> to quit responding to a port or a way to generate a dynamic pf
> rule in cases like this?

Can you not deny all ssh attempts and then allow only from certain,
trusted IPs?

Yours In Christ,

Emails are not formal business letters, whatever businesses may want.
Original content copyright under the OWL
Please do not CC me. If I'm posting to a list it is because I am subscribed.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list