[BlueOnyx:19983] Re: Hacker - what to do next

[Mitchell Rothschild]

Thank Michael - really appreciate your continued support.

>If APF is installed: The SSH GUI management page then gets extended by an
APF module and you can lock down SSH access via GeoIP, so that logins only
work from certain countries. 

This is great - I never knew this was there.

>Additionally you could add APF rules to only allow logins from certain IP
addresses. Use this to make SSH inaccessible to everyone but your own static
IP addresses that you use to administer the box.

To do this - do I?
Take out port 22 from apf firewall - ports
And add my static ip's to apf - whitelist

Regards,
Mitch