On Friday 30 May 2008, Oliver Fromme wrote:

> Another idea would be to move sshd from the default port
> to a non-standard port, e.g. 222 or whatever.  Typically
> ssh brute force attacks target port 22 only.  This will
> also clear your logs from useless break-in attempts.

/usr/ports/security/denyhosts is quite good for permanently blocking 
access from IP's that make suspicious ssh probes. It reduces garbage in 
the logs too because after a remote address gets blocked future probes 
from it get rejected before they even get as far as being logged.

Mike Clarke
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to