Page 1 of 1

SSH packet dropped

Posted: 21 Feb 2019, 20:07
by heniabida
Hello Clavister experts,

I have recently detected that we cannot access Linux servers with public IP through SSH.
I've tracked the issue and I found that they are indicated in IP Reputation list.
Is there any method to solve this by skipping IP Reputation or to allow all outbound SSH traffic.
Any one has faced this problem ? What can be the root cause ? :oops: :oops:

PS: This issue has suddenly appeared even I haven't applied any modification.
:| :|

Re: SSH packet dropped

Posted: 28 Feb 2019, 11:00
by anders s
You can add the IP to whitelist under Threat prevention\general\whitelist.
The root cause is probably that someone else has accessed the server through SSH and done something malicious from it. Search the log for category=blacklist to see if it is listed as botnet, scanner or DoS