Hi,I am seeing a lot of ssh scans and I am wondering if somebody has a solution like adding the bad hosts temporary to pf.conf or so?
see for yourself:cat /var/log/authlog | grep -i failed | grep user | sed "s/.*from\ // g" | sed "s/ port .*//g" | sort | uniq -c
David