On 2020-06-21 15:33, Chuck Campbell wrote: > I'm running Centos 7.8.2003, with firewalld. > > I was getting huge numbers of ssh attempts per day from a few specific > ip blocks. If you can control the ssh clients, switch your port number to a non-standard port. Pick one in /etc/services that does not seem to be allocated. Then change "Port" in ssh_config and sshd_config; If other clients are being used (like Putty), it is easy to change it there. We used to get at least 50 probes per day on port 22. Now we get zero. Todd Merriman Software Toolz, Inc.