Sorry for top-post, I'm relegated to webmail for the moment... :-( -----Original Message----- From: [email protected]
> If I had a nickel for every ssh woodpecker we see, I could retire to a > bungalow > on a nice beach somewhere in the cheaper part of the Pacific Rim. If I counted > the ones we *don't* see because we don't even bother logging them, I'd > probably > have a McMansion on the expensive side of the Pacific Rim. ;) Amen to that. Depending on the size of your internet-facing netblocks, this gets out of hand real fast. The counts might be interesting for metrics or powerpoint slides as a measure of such activity, but get out of hand real quickly (though probably sells a lot of SIEM SAN storage). Reminds me of the userland "firewalls" a few years back that would throw together a nice abuse@ report for such "unsolicted attack" behavior. IWF ring any bells? :-) Jeff _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
