Wes Santee wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chris Maness wrote:
In my auth log I see alot of bruit force attempts to login via ssh. Is
there a way I can have the box automatically kill any tcp/ip
connectivity to hosts that try and fail a given number of times? Is
there a port or something that I can install to give this kind of
protection. I'm still kind of a FreeBSD newbie.
security/bruteforeceblocker (requires pf as the firewall)
security/denyhosts (uses tcp_wrappers and /etc/hosts.allow)
security/sshit (requires ipfw as firewall)
I rolled my own solution and haven't used any of these, so I don't know
how well they work in practice. They probably all require some initial
setup and configuration.
Cheers,
- -Wes
Thanks, I played with all three. Denyhosts is the best hands down.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
