Oliver Fromme wrote:
> Graham Menhennitt wrote:
> > Christopher Hilton wrote:
> > > If it's at all possible switch to using public keys for authentication
> > > with ssh and disallow password authentication. This completely stops
> > > the brute forcing attacks from filling up your periodic sec
I can tell you what I do about these, which may not suit your situation
especially if this is on a high profile server, but if you are just
running FreeBSD for your own purposes I found this to be a great tool.
It's called BlockHosts and can be found here
http://www.aczoom.com/cms/blockhosts/
On Dec 21, 2006, at 3:59 PM, Graham Menhennitt wrote:
Christopher Hilton wrote:
If it's at all possible switch to using public keys for
authentication
with ssh and disallow password authentication. This completely stops
the brute forcing attacks from filling up your periodic security
mail.
Graham Menhennitt wrote:
> Christopher Hilton wrote:
> > If it's at all possible switch to using public keys for authentication
> > with ssh and disallow password authentication. This completely stops
> > the brute forcing attacks from filling up your periodic security mail.
> Are you sure abo
Christopher Hilton wrote:
> If it's at all possible switch to using public keys for authentication
> with ssh and disallow password authentication. This completely stops
> the brute forcing attacks from filling up your periodic security mail.
Are you sure about that? I only allow PublickeyAuthentic
Oliver Fromme wrote:
[ snip ]
In general that's not a good idea. If you do it wrong, it
makes DoS attacks against your machine easier (i.e. a clever
attacker might be able to lock yourself out of your own
machine). And getting it right is not easy.
The best way to prevent brute-forcing is to
On Thursday, 21. December 2006 17:33, Oliver Fromme wrote:
> Suhail Choudhury <[EMAIL PROTECTED]> wrote:
> > What's the easiest way to add an IP such as 80.192.49.213 to block it?
>
Easiest way to block any activity is to use /etc/hosts.allow file.
Port: denyhosts-2.5
Path: /usr/ports/securit
Suhail Choudhury <[EMAIL PROTECTED]> wrote:
> What's the easiest way to add an IP such as 80.192.49.213 to block it?
Easy:
# ipfw add deny ip from 80.192.49.213 to me
Depending on your existing rules, you might have to specify
a rule number, so the new rule is inserted at an appropriate
positio
In response to "Suhail Choudhury" <[EMAIL PROTECTED]>:
> Hi all,
>
> I'm using IPFW as my firewall.
>
> What's the easiest way to add an IP such as 80.192.49.213 to block it?
ipfw add deny all from 80.192.49.213 to me
Although you need to take into consideration your existing IPFW rules,
as th
