Re: Security blocking question

2009-10-16 Thread Matthew Seaman
Aflatoon Aflatooni wrote:
I have the following in my pf.conf:
ext_if="bge0"
# Public Services -- smtp, http, pop3s
tcpPubServices = "{ 25, 80, 995 }"
set timeout { interval 10, frag 30 }
set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
set timeout { tcp.closing 900, tcp.fin

Re: Security blocking question

2009-10-16 Thread Aflatoon Aflatooni
> Aflatoon Aflatooni wrote: > >>> Is there a way that I could configure the server so that if there are for > >> example X attempts from an IP address then for the next Y hours all the > >> SSH > requests would be ignored from that IP address? There are only a handful of > people who have acces

Re: Security blocking question

2009-10-16 Thread Matthew Seaman
Aflatoon Aflatooni wrote: Is there a way that I could configure the server so that if there are for example X attempts from an IP address then for the next Y hours all the SSH requests would be ignored from that IP address? There are only a handful of people who have access to that server. Ye

Re: Security blocking question

2009-10-15 Thread Aflatoon Aflatooni
> > > > Is there a way that I could configure the server so that if there are for > example X attempts from an IP address then for the next Y hours all the SSH > requests would be ignored from that IP address? There are only a handful of > people who have access to that server. > > Yes. > > I

Re: Security blocking question

2009-10-10 Thread Matthew Seaman
Svante Kvarnstrom wrote: On Oct 9, 2009, at 11:56 PM, Matthew Seaman wrote: plus you'll need to add a cron job to clear old entries out of the ssh-bruteforce table after a suitable amount of time has passed. Use expiretable to do that. I believe that security/expiretable is superfluous now

Re: Security blocking question

2009-10-09 Thread Svante Kvarnstrom
On Oct 9, 2009, at 11:56 PM, Matthew Seaman wrote: plus you'll need to add a cron job to clear old entries out of the ssh-bruteforce table after a suitable amount of time has passed. Use expiretable to do that. I believe that security/expiretable is superfluous nowadays since pfctl su

Re: Security blocking question

2009-10-09 Thread Aflatoon Aflatooni
- Original Message > From: Gary Gatten > To: Adam Vande More ; Aflatoon Aflatooni > > Cc: freebsd-questions@freebsd.org > Sent: Fri, October 9, 2009 5:53:10 PM > Subject: RE: Security blocking question > > I might also add, if it's only a handfu

Re: Security blocking question

2009-10-09 Thread Matthew Seaman
Aflatoon Aflatooni wrote:
Hi,
The production server that has a public IP address has SSH enabled. This server is continuously under dictionary attack:
Oct 8 12:58:40 seven sshd[32248]: Invalid user europa from 83.65.199.91
Oct 8 12:58:40 seven sshd[32250]: Invalid user hacked from 83.65.199.91

RE: Security blocking question

2009-10-09 Thread Gary Gatten
flatoon Aflatooni
Cc: freebsd-questions@freebsd.org
Subject: Re: Security blocking question
On Fri, Oct 9, 2009 at 4:45 PM, Aflatoon Aflatooni wrote:
> Hi,
> The production server that has a public IP address has SSH enabled. This
> server is continuously under dictionary attack:
>

Re: Security blocking question

2009-10-09 Thread APseudoUtopia
On Fri, Oct 9, 2009 at 5:45 PM, Aflatoon Aflatooni wrote:
> Hi,
> The production server that has a public IP address has SSH enabled. This
> server is continuously under dictionary attack:
> Oct  8 12:58:40 seven sshd[32248]: Invalid user europa from 83.65.199.91
> Oct  8 12:58:40 seven sshd[3225

Re: Security blocking question

2009-10-09 Thread Jonathan Chen
On Fri, Oct 09, 2009 at 02:45:51PM -0700, Aflatoon Aflatooni wrote:
[...]
> Is there a way that I could configure the server so that if there are for
> example X attempts from an IP address then for the next Y hours all the SSH
> requests would be ignored from that IP address?
> There are only

Re: Security blocking question

2009-10-09 Thread Adam Vande More
On Fri, Oct 9, 2009 at 4:45 PM, Aflatoon Aflatooni wrote:
> Hi,
> The production server that has a public IP address has SSH enabled. This
> server is continuously under dictionary attack:
> Oct 8 12:58:40 seven sshd[32248]: Invalid user europa from 83.65.199.91
> Oct 8 12:58:40 seven sshd[32250