Quote:
Originally Posted by frcc
He can use the "log" syntax in PF which will create a log for any
blocked/dropped/passed packet he chooses. Packet filtering would pre-empt
any SSH login attempt based on his filter rules.
Also, the "table" syntax can be used to quickly determine sources to
be accepted or rejected en route to an SSH port.
But an IP address can:
1. change
2. be spoofed
IMHO granting access just by having an IP address isn't enough. SSH uses cryptography to authenticate users.
PF is good for blocking port scanning, DoS or small DDoS attacks, though.
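
A minimal pf.conf fragment showing the "log" and "table" syntax discussed in this thread, added here as an illustration and not written by either poster. The interface name `em0`, the table name `<ssh_allowed>` and the addresses (documentation ranges) are constructed placeholders.

```conf
# Constructed example: em0, <ssh_allowed> and the addresses below are placeholders.
ext_if = "em0"

# Sources permitted to reach the SSH port. "persist" keeps the table
# in memory even when no rule currently references it.
table <ssh_allowed> persist { 192.0.2.0/24, 198.51.100.7 }

set skip on lo

# Default deny. "log" sends a copy of each blocked packet's header to the
# pflog0 interface, readable with: tcpdump -n -e -ttt -i pflog0
block in log on $ext_if all
pass out on $ext_if all keep state

# The last matching rule wins in PF, so this overrides the block above
# for table members only. Accepted connection attempts are logged too.
pass in log on $ext_if inet proto tcp from <ssh_allowed> to any port ssh \
    flags S/SA keep state

# The table only narrows which sources can reach port 22. sshd still
# authenticates every user cryptographically after the packet is passed.
```

The table can be changed without reloading the ruleset, for example `pfctl -t ssh_allowed -T add 203.0.113.9`, which helps when a permitted source address changes.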