Quote:
Originally Posted by There0
I actually use snort and have it drop offending IP's into /etc/hosts.deny, i am certain that snort can be configured to your specifications regarding blocking port 22 TCP requests and blocked/logged accordingly.
|
Ok. I'll look into it.
Its quite true that the ssh probe behaviour has changed during the last months. But not with other ports (e.g. 5900).