Thousands of ssh probes
Robert Huff
roberthuff at rcn.com
Fri Mar 5 13:13:33 UTC 2010
John writes:
> My nightly security logs have thousands upon thousands of ssh
> probes in them. One day, over 6500. This is enough that I can
> actually "feel" it in my network performance. Other than
> changing ssh to a non-standard port - is there a way to deal with
> these? Every day, they originate from several different IP
> addresses, so I can't just put in a static firewall rule. Is
> there a way to get ssh to quit responding to a port or a way to
> generate a dynamic pf rule in cases like this?
There are several solutions in the ports system; I use
security/denyhosts.
Robert Huff
More information about the freebsd-questions
mailing list