On 1/02/2008, at 9:11 PM, Richard Toohey wrote:
On 1/02/2008, at 8:39 PM, Peter N. M. Hansteen wrote:
Chris <[EMAIL PROTECTED]> writes:
my logs are filled with useless ssh bruteforce attempts - is there
anything i can do to avoid logging random brute force attacks?
since i
disallow ssh root login and use the allowuser acl - i guess i could
just avoid logging all these random attacks in my logs.
Not sure if it fixes your exact problems (which logs exactly are
being filled? pflog? authlog? Are you
using pf or just sshd?)
Sorry, ignore the dumb question about which logs - I just have to
look at my
own logs to see. Not much noise in my logs with sshd on high port
numbers, and the
next step after that is to follow Peter's suggestions ... if you are
using (or can use)
pf. And if you do, the book is worth a read!
