Old 1st July 2018
e1-531g
ISO Quartermaster
Join Date: Mar 2014
Posts: 612

Originally Posted by frcc
He can use the "log" syntax in PF which will create a log for any
blocked/dropped/passed packet he chooses. Packet filtering would pre-empt
any SSH login attempt based on his filter rules.

Also, the "table" syntax can be used to quickly determine sources to
be accepted or rejected en route to an SSH port.

But an IP address can:
1. change
2. be spoofed

IMHO granting access just by having an IP address isn't enough. SSH uses cryptography to authenticate users.
PF is good for blocking port scanning, DoS or small DDoS attacks, though.
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
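The "log" and "table" syntax discussed in this post, combined with the point that the filter does not replace SSH's own authentication, as an added example that is not part of the original post. It assumes OpenBSD pf.conf syntax; the table names, the `egress` interface group and the addresses are assumptions chosen for illustration.

```conf
# Added example; table names, interface group and addresses are assumptions.
# OpenBSD pf.conf syntax.

# Sources allowed to reach sshd. 192.0.2.0/24 and 198.51.100.7 are
# documentation addresses standing in for real ones.
table <ssh_ok> persist { 192.0.2.0/24, 198.51.100.7 }

# Sources that exceed the connection limits below are added here by PF.
table <ssh_abuse> persist

set skip on lo

# Default deny; "log" sends a record of each dropped packet to pflog0.
block log all
pass out

# Drop and log anything from a source that was already flagged.
block in log quick on egress proto tcp from <ssh_abuse> to any port ssh

# Pass and log new SSH connections only from the allowed table, and
# rate-limit them even so, since an allowed address can change hands.
pass in log on egress proto tcp from <ssh_ok> to any port ssh \
    keep state (max-src-conn 5, max-src-conn-rate 5/30, \
    overload <ssh_abuse> flush global)

# The rules above only narrow who can reach the port. Authentication
# still happens in sshd, for example with these sshd_config settings:
#   PasswordAuthentication no
#   PubkeyAuthentication yes
```

The logged packets can be read live with `tcpdump -n -e -ttt -i pflog0`, and the contents of a table can be listed with `pfctl -t ssh_abuse -T show`.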