Does anyone know if SSH Login Bruteforce Detected or SSH: SSH Login Failure Detected would detect ssh running on a port other than port 22 ? As far as i can see it is not possible to create a non-standard port for ssh traffic.
While it's possible to define non-standard ports (Policy > Intrusion Prevention > Advanced > Non-Standard Ports), SSH is not listed as an option.
If this is a feature you'd like to see in the future, I recommend submitting a product enhancement request. Thanks!
Technical Support Engineer
McAfee. Part of Intel Security.