I have been using pf (on an OpenBSD box) to automatically block
offending IP address using pf and it seems to work well for me.
Basically when an attackers tries to connect x number of times in y
minutes, I have the firewall set up to block the automatically.
Works like a charm.
A
Patrick Tracanelli wrote:
Jordan Sissel wrote:
On 4/11/06, Daniel Gerzo <[EMAIL PROTECTED]> wrote:
Hello Dmitriy,
Tuesday, April 11, 2006, 7:04:37 PM, you typed the following:
On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote:
Hy, I'm triing to find a solution to bruteforce attack, mostly on
port
22, without
moving services on different ports.
try to use
/usr/ports/security/sshit
maybe security/bruteforceblocker
If you're looking for something with a more generalized approach,
check out
sysutils/grok. It comes with examples that block brute force efforts,
and
can do much more.
Doesnt open sshd itself has a feature which blocks or imposes a delay
upon a number of failed logins from the same address?
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
