Hi Steve, > I am running OpenBSD 3.7-stable, pretty standard install, spamd > greylisting, httpd, sendmail. Going over my log files, I have > noticed that I am more and more coming under attach with dictionary > based login attempts to the SSH port.
I don't know if this still holds true, but some months ago rogue Linux machines were responsible for large scale network probing. It's in the archives; please go check. Short version: block in log proto tcp from any os Linux to ($ext_if) port ssh ...might help. Be careful not to lock yourself out... Nico
