topic Blocking brute force SSH to firewall in General Topics

Blocking brute force SSH to firewall

dscott98 — Fri, 13 May 2016 17:15:06 GMT

For various business reasons I need to allow SSH directly to a PA-3020 to manage the unit. Is there a way to apply a vulenerability policy to this traffic so that I can block bruteforce attacks?

Thanks

Dustin

Re: Blocking brute force SSH to firewall

PatrickWalton — Fri, 13 May 2016 18:18:03 GMT

Is it possible to setup a vpn tunnel for yourself, then ssh to an inside management ip? I would be careful opening any external port up for management, especially if you use local authentication credentials.

Re: Blocking brute force SSH to firewall

tsrivastav — Sun, 15 May 2016 05:25:30 GMT

Re: Blocking brute force SSH to firewall

tsrivastav — Sun, 15 May 2016 05:32:23 GMT

Hope the above attachment will answer your question.

--------------------------------------------------------------------------

# You can call this vulnaribility profile in the intrested security policy ( if the traffic is from unt to unt or a intrazone traffic )
# Please create a seperate security policy as default intrazone profile will not contain this Vul. Profile.
#Clone a default one to make the changes as in default one you will not be able to make any changes.

# Default action is alert, Change the action and number of attempts as per your needs.

Thank you