I am looking for the most efficient way to block all incoming ssh connections to my internal network using a palo alto running 8.1.10 software. I noticed today that there is a lot of attempts to connect to one of our servers from a wide range of other countries. It seems like a brute force attack. We have a vulnerability policy setup to prevent large amounts of connection attempts, but I don't have any systems that need external ssh access from anyone who doesn't have access to our global protect VPN, so I would like to shut it down completely. I am just not sure what the best approach is.
No comments:
Post a Comment