Thousands of ssh probes

Robert Huff roberthuff at
Fri Mar 5 13:13:33 UTC 2010

John writes:

>  My nightly security logs have thousands upon thousands of ssh
>  probes in them.  One day, over 6500.  This is enough that I can
>  actually "feel" it in my network performance.  Other than
>  changing ssh to a non-standard port - is there a way to deal with
>  these?  Every day, they originate from several different IP
>  addresses, so I can't just put in a static firewall rule.  Is
>  there a way to get ssh to quit responding to a port or a way to
>  generate a dynamic pf rule in cases like this?

	There are several solutions in the ports system; I use

				Robert Huff

More information about the freebsd-questions mailing list