On Tue, Nov 27, 2012 at 3:25 PM, Aleksandr Miroslav <[email protected]>wrote:
> Finally got sick of seeing tons of ssh break-in attempts in my logs. Am > considering using denyhosts, or fail2ban. Anyone have any experience > with these? > > I'm already using the AllowUsers facility of ssh to only allow specific > users in, so I'm not overly concerned about the attempts. > > This is for a FreeBSD 8.x box running pf, btw. > > Thanks > I've been using fail2ban (security/py-fail2ban) for a few years on my FreeBSD and Linux systems and can't complain. I like that I can easily write a regex for any arbitrary log file and perform any action I want. By default, the port will install both ipfw and pf "actions." I can't give an honest opinion about DenyHosts or SSHGuard, having never used them. Fail2Ban, however, isn't specific to a service or action - simply a regex matches a log file and performs an action. Josh _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
