look at: http://cr.yp.to. Em ter, 9 de jul de 2019 às 16:52, Thomas Smith <anon1...@icloud.com> escreveu: > > Hi, > > I'm considering an option to evaluate connecting IPs before they're evaluated > by `pf` in order to make some decisions about the "reputation" of a > connecting IP. Then if that reputation is low enough, some action could > either be taken: in `pf` to protect the associated application (say by > blocking the connection); or in the app responsible for the listening port. > > `pf`, unfortunately, isn't able to make routing decisions based on external > factors (insofar as I understand)--I'm hoping to add some additional (very > simple) intelligence to that. Just another metric or two for determining if a > connection is legitimate. > > I've been looking into TCP wrappers for OpenBSD but it seems that this > functionality was removed in version 5. Is my understanding of that correct? > > If so, is there an alternate way to achieve what I mentioned? > > I know I can use something like sshguard or fail2ban, but I'm looking for a > much simpler option and one that preferably doesn't rely on tailing log files > (if there aren't viable alternatives, I may consider these, however). > > ~ Tom >
-- Pag Bem Fácil Ltda www.pagbemfacil.com.br
