Re: ssh scans

To: "David Wetzel" <dave%turbocat.de@localhost>, "NetBSD User Maillist" <netbsd-users%netbsd.org@localhost>
Subject: Re: ssh scans
From: "Cyrille Vladimirov" <kiro%kircho.net@localhost>
Date: Mon, 26 Oct 2009 22:31:38 +0200

Another one solution, just change default port 22 of ssh server to
something else, for example 4546. This will ignore lot of bots and
attacks.
Cyrille

On 10/26/2009, "David Wetzel" <dave%turbocat.de@localhost> wrote:

>Hi,
>
>I am seeing a lot of ssh scans and I am wondering if somebody has a
>solution like adding the bad hosts temporary to pf.conf or so?
>
>
>see for yourself:
>
>cat /var/log/authlog | grep -i failed | grep user | sed "s/.*from\ //
>g" | sed "s/ port .*//g" | sort | uniq -c
>
>David
>

References:
- ssh scans
  - From: David Wetzel

Prev by Date: Re: ssh scans
Next by Date: Re: ssh scans
Previous by Thread: Re: ssh scans
Next by Thread: Re: ssh scans
Indexes:

Home | Main Index | Thread Index | Old Index