On Wed, Feb 09, 2011 at 03:55:42PM -0500, Vadym Chepkov wrote:
> Feb 8 11:27:01 castor sshd[57304]: Invalid user ariane from 113.185.0.16
count = 1000, last = 01
> Feb 8 11:27:04 castor sshd[57306]: Invalid user armand from 113.185.0.16
diff = 3, count -= 1000 * 3 / 60, += 1000, count = 1950,
On Feb 9, 2011, at 5:00 AM, Damien Fleuriot wrote:
> Looks like my previous message didn't make it to the list.
>
>
> @OP: nothing indicates that your table is getting populated correctly.
>
> While this doesn't address your main issue, you may want to install
> sshguard which will automatica
On Feb 9, 2011, at 1:51 PM, Daniel Hartmeier wrote:
> On Tue, Feb 08, 2011 at 08:07:52PM -0500, Vadym Chepkov wrote:
>
>> No idea, why it didn't stop after 9 attempts.
>
> The connection rate is not calculated precisely, from pf.conf(5)
>
> max-src-conn-rate /
> Limit the rate
On Tue, Feb 08, 2011 at 08:07:52PM -0500, Vadym Chepkov wrote:
> No idea, why it didn't stop after 9 attempts.
The connection rate is not calculated precisely, from pf.conf(5)
max-src-conn-rate /
Limit the rate of new connections over a time interval. The con-
necti
Looks like my previous message didn't make it to the list.
@OP: nothing indicates that your table is getting populated correctly.
While this doesn't address your main issue, you may want to install
sshguard which will automatically blacklist attackers and populate a
dedicated table.
On 2/8/11
I didn't see anything the author posted to indicate that his abusive hosts
table was being populated.
@OP: install sshguard from the ports
---
Fleuriot Damien
On 8 Feb 2011, at 23:26, "Helmut Schneider" wrote:
>> Could somebody help in figuring out why PF configuration meant to prevent
>> br
