On Fri, Mar 5, 2010 at 2:54 PM, John <j...@starfire.mn.org> wrote: > My nightly security logs have thousands upon thousands of ssh probes > in them. One day, over 6500. This is enough that I can actually > "feel" it in my network performance. Other than changing ssh to > a non-standard port - is there a way to deal with these? Every > day, they originate from several different IP addresses, so I can't > just put in a static firewall rule. Is there a way to get ssh > to quit responding to a port or a way to generate a dynamic pf > rule in cases like this? > -- > > John Lind > j...@starfire.mn.org > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" >
Look at security/blocksshd and security/denyhosts Also changing SSH to a non-standard port helps - a lot. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"