On Fri, Mar 5, 2010 at 2:54 PM, John <[email protected]> wrote: > My nightly security logs have thousands upon thousands of ssh probes > in them. One day, over 6500. This is enough that I can actually > "feel" it in my network performance. Other than changing ssh to > a non-standard port - is there a way to deal with these? Every > day, they originate from several different IP addresses, so I can't > just put in a static firewall rule. Is there a way to get ssh > to quit responding to a port or a way to generate a dynamic pf > rule in cases like this? > -- > > John Lind > [email protected] > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[email protected]" >
Look at security/blocksshd and security/denyhosts Also changing SSH to a non-standard port helps - a lot. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
