[Info-vax] SSH on VAX - performance impact of break in attempts

[Michael Moroney]

VAXman-  @SendSpamHere.ORG writes:

>This is not only a problem with Multinet ssh or with ssh on VMS; it affects
>other systems as well.  I have advocated changing the listener port from 22
>here and in other forums.  I have moved all of my ssh servers from 22 to a
>port number high up in the ephemeral port range.  Nary a squeak from any of
>the consoles reporting an ssh breakin attempt now.

This has been going on for many, many years.  I handled it differently.
I coded up some code that listens to the audit server, and if breakin
evasion gets triggered, and the source is SSH, FTP or TELNET, I'd toss
the originating /24 into a routing black hole where it will remain until
the sun goes nova or VMS reboots, whichever happens first.