* Atanas <[EMAIL PROTECTED]>:
> I really miss the inetd features. A setting like "nowait/100/20/5"
> (/max-child[/max-connections-per-ip-per-minute[/max-child-per-ip]])
> would effectively bounce the bad guys, but AFAIK (correct me if I'm
> wrong), ssh is no longer supposed to work via inetd and still has no
> such capabilities.

We're successfully running openssh-portable from inetd with:

ssh stream tcp nowait/0/12 root /usr/local/sbin/sshd sshd -i -f /etc/ssh/sshd_config

[EMAIL PROTECTED] grep ssh /var/log/messages
Feb 14 02:15:04 lambda inetd[19345]: ssh from 62.81.185.120 exceeded counts/min (limit 12/min)
Feb 14 02:15:04 lambda inetd[19345]: ssh from 62.81.185.120 exceeded counts/min (limit 12/min)
Feb 14 16:43:15 lambda inetd[19345]: ssh from 220.130.23.134 exceeded counts/min (limit 12/min)
...

I'd also recommend pam_af for locking out brute-forcers:
http://mbsd.msk.ru/pam_af.html

For example we have:

<host hostname='tin.cn.ee.ccu.edu.tw'>
    <attempts>9</attempts>
    <last_attempt>Mon Nov 7 15:05:50 2005</last_attempt>
    <status>locked</status>
</host>

[EMAIL PROTECTED] sudo pam_af_tool statlist | grep locked | wc -l
363

Volker
--
http://www-i2.informatik.rwth-aachen.de/stolz/ *** PGP *** S/MIME
"All the excitement lies in pattern matching." (SPJ et al.)
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
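
To see which sources keep tripping the inetd per-IP limit shown in the log excerpt above, the matching lines can be tallied per address. This is an added example, not part of the original message; the function names and the sample log lines (documentation addresses) are constructed, and the line layout is assumed to match the inetd messages quoted above.

```shell
#!/bin/sh
# Added example (not from the original mail): summarise inetd per-IP
# rate-limit hits for one service. Assumes the syslog layout quoted above:
#   <Mon> <day> <time> <host> inetd[<pid>]: <svc> from <ip> exceeded counts/min (limit N/min)

# Reads syslog lines on stdin; prints one line per source, busiest first:
#   <hits> <ip> first="<timestamp>" last="<timestamp>"
inetd_ratelimit_summary() {
    svc="${1:-ssh}"
    awk -v svc="$svc" '
        # Only inetd lines for the requested service; sshd/other daemons are skipped.
        $5 ~ /^inetd\[[0-9]+\]:$/ && $6 == svc && $7 == "from" && $9 == "exceeded" {
            ip = $8
            ts = $1 " " $2 " " $3
            if (!(ip in hits)) first[ip] = ts   # remember first time this source was throttled
            last[ip] = ts
            hits[ip]++
        }
        END {
            for (ip in hits)
                printf "%d %s first=\"%s\" last=\"%s\"\n", hits[ip], ip, first[ip], last[ip]
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (hypothetical host name, documentation IP ranges).
sample_log() {
cat <<'EOF'
Feb 14 02:15:04 host inetd[100]: ssh from 192.0.2.10 exceeded counts/min (limit 12/min)
Feb 14 02:15:04 host inetd[100]: ssh from 192.0.2.10 exceeded counts/min (limit 12/min)
Feb 14 02:15:09 host sshd[222]: Accepted publickey for admin from 198.51.100.7 port 50000 ssh2
Feb 14 16:43:15 host inetd[100]: ssh from 203.0.113.5 exceeded counts/min (limit 12/min)
Feb 14 16:50:00 host inetd[100]: ftp from 203.0.113.5 exceeded counts/min (limit 12/min)
EOF
}

# Demo on the constructed sample; on a real host feed /var/log/messages instead.
sample_log | inetd_ratelimit_summary ssh
```

On a live system the same function would be fed with `inetd_ratelimit_summary ssh < /var/log/messages`; sources with many hits are candidates for a firewall block or a pam_af lockout review.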