bruteforce
Adam Stroud
adam at thegeeklord.com
Wed Apr 12 03:42:09 UTC 2006
I forgot to mention that pf is also available on FreeBSD too.
Adam Stroud wrote:
> I have been using pf (on an OpenBSD box) to automatically block
> offending IP address using pf and it seems to work well for me.
> Basically when an attackers tries to connect x number of times in y
> minutes, I have the firewall set up to block the automatically.
>
> Works like a charm.
> A
>
> Patrick Tracanelli wrote:
>> Jordan Sissel wrote:
>>> On 4/11/06, Daniel Gerzo <danger at rulez.sk> wrote:
>>>
>>>> Hello Dmitriy,
>>>>
>>>> Tuesday, April 11, 2006, 7:04:37 PM, you typed the following:
>>>>
>>>>
>>>>> On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote:
>>>>>
>>>>>> Hy, I'm triing to find a solution to bruteforce attack, mostly on
>>>>>> port
>>>>
>>>> 22, without
>>>>
>>>>>> moving services on different ports.
>>>>
>>>>> try to use
>>>>> /usr/ports/security/sshit
>>>>
>>>> maybe security/bruteforceblocker
>>>
>>>
>>>
>>> If you're looking for something with a more generalized approach,
>>> check out
>>> sysutils/grok. It comes with examples that block brute force
>>> efforts, and
>>> can do much more.
>>
>> Doesnt open sshd itself has a feature which blocks or imposes a delay
>> upon a number of failed logins from the same address?
>>
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
More information about the freebsd-stable
mailing list