Re: SSH scans vs connection ratelimiting
- From: Lyndon Nerenberg <lyndon@xxxxxxxxxx>
- Date: Sat, 19 Aug 2006 14:31:58 -0700 (PDT)
Take a look at /usr/ports/security/bruteforceblocker. It monitors the system log for failed ssh logins, and blocks the sites via pf. It's reasonably configurable, and works very well. I've been running it for months without trouble.
Note that it lets you whitelist specific hosts to prevent against someone DOSing you by forging your IP address.
--lyndon
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: SSH scans vs connection ratelimiting
- From: Pieter de Boer
- Re: SSH scans vs connection ratelimiting
- References:
- SSH scans vs connection ratelimiting
- From: Pieter de Boer
- SSH scans vs connection ratelimiting
- Prev by Date: Re: SSH scans vs connection ratelimiting
- Next by Date: Re: SSH scans vs connection ratelimiting
- Previous by thread: Re: SSH scans vs connection ratelimiting
- Next by thread: Re: SSH scans vs connection ratelimiting
- Index(es):
