You might also want to check out http://openports.se/security/sshguard which integrates directly with PF. I find it quite effective.
On 29 Oct 2017 at 6:30, x9p wrote: > On 2017-10-29 04:35, Rupert Gallagher wrote: > > Note that PF cannot discriminate between legitimate and abusive > > multiple connections from same cidr. If you whitelist the cidr of a > > mobile network, to avoid banning yourself on port 993, you also > > whitelist bruteforce attacks from the same cidr. > > > > Sent from ProtonMail Mobile > > > > On Sun, Oct 29, 2017 at 5:26 AM, Tom Rosso <t...@oioioioo.org> wrote: > > > >> On 2017-10-28 21:20, x9p wrote: > Hi, > > Coming from the Linux world, > >> I wonder if there is a better alternative > to fail2ban, already being > >> used in OpenBSD servers by the majority. > > cheers. > > x9p The pf > >> firewall provides the capability to block brute force attacks. See > >> max-src-conn-rate. > >> https://www.openbsd.org/faq/pf/filter.html#stateopts > > was suggested http://openports.se/sysutils/sec , which seems the most > proper. > > thanks all for the inputs.. > > cheers. > > x9p > >
