Put some blocking rules on the shaper for SSH scan attempts this morning. Mainly tightening up access to the server net.
I allow access to a few hosts on the server net from anywhere, access to any host from the server net from a few nets, and any access to anything off the server net. The last is done with a range keyword in the rule, and the others are done with host lists.
Posted by Rowan Littell at September 30, 2005 01:02 PM