SSHgaurd and PF
Justin V.
vic at yeaguy.com
Tue Nov 2 17:40:10 UTC 2010
On Tue, 2 Nov 2010, Rob Farmer wrote:
> On Tue, Nov 2, 2010 at 10:03, Justin V. <vic at yeaguy.com> wrote:
>> This is the guide I used:
>>
>> http://www.sshguard.net/docs/setup/firewall/pf/
>>
>> I followed this section to block all brute attempts:
>
> Right, but did you do this part too?
>
> http://www.sshguard.net/docs/setup/getlogs/syslog/
>
> The part you mentioned sets up the table and has pf drop the
> connection attempts, but you need to configure syslog to fill the
> table with IPs of attackers.
>
> --
> Rob Farmer
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
Actually this was installed after the port completed:
yeaguy# grep sshg /etc/syslog.conf
auth.info;authpriv.info |exec /usr/local/sbin/sshguard
But it is not exactly what the HOWTO ways, the HOWTO does not mention the
"exec" part.
Put this line high into this file:
auth.info;authpriv.info |/usr/local/sbin/sshguard
More information about the freebsd-questions
mailing list