Do you resolve this matter? I also can not totally block the SSH login attempt in my route. Which each the CPU much.
I running Junos: 17.4R3.16
> show system processes extensive | match ssh | count
Count: 151 lines
I have add the filter on the lo0 interface of this route, still not effective
I also changed the SSH port to be over 10000, but NOT work too.
Sent: 08-31-2020 12:51
From: Unknown User
Subject: SSH arriving on ephemeral ports on MX80, above 10000 -- ssh block filters not effective.
Anyone else seeing log messages of late where SSH attempts are being received on NON ssh ports somehow? Only a full port block to the router's interfaces are effective:
rtredge-: Failed password for [some name]from [multiple IP addresses] port [above 10000] ssh2
Is there a new vulnerability for SSH for MX80s? Running 17.3 r3.10, using grp-apply firewall filters.