From owner-freebsd-questions@FreeBSD.ORG Mon Jun 23 01:52:43 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C070ED30 for ; Mon, 23 Jun 2014 01:52:43 +0000 (UTC) Received: from mail-pa0-x235.google.com (mail-pa0-x235.google.com [IPv6:2607:f8b0:400e:c03::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 91DF82E17 for ; Mon, 23 Jun 2014 01:52:43 +0000 (UTC) Received: by mail-pa0-f53.google.com with SMTP id ey11so5217637pad.40 for ; Sun, 22 Jun 2014 18:52:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:message-id:in-reply-to:references:subject :mime-version:content-type; bh=k3u83R5C6322VibXsTEqGm5nU5iP33BL1nimr4Qu9/Q=; b=K/6KZa7m8r0YN46hFNwd7v2GnpekZ3XVFnHtd/9mWZqssQiz11zHETWfIcI2+teaHh /h3tdMyg+h909LU0ZibOdmLvPTOLV8vcmNJVEQdK06Q8yxDRrRyhudrmKcwL44YxZdxc wLXBKx1lpN5oYWq3lvKR/JnodNQ3XyNQSr/tBoeMd+83g5QKCIIFjPVx4H5s9Eu2t9qK 4EavcFxOxxZ+GM4w7ZFe81GOGisGMocaVWEtNv7oBbo9A9X/zmvzBZoiLz/o51JtZcVv 8X2wQxclOGDY/Ixaany+Plhf0TXNVykMNGTIaZx8UPq2xzieymKypSDSM+FUE+4+5Y5i RaFA== X-Received: by 10.66.139.233 with SMTP id rb9mr17081536pab.5.1403488363201; Sun, 22 Jun 2014 18:52:43 -0700 (PDT) Received: from [10.0.42.146] (S0106001b63f4e3e0.vw.shawcable.net. [70.70.130.221]) by mx.google.com with ESMTPSA id io8sm24012686pbc.96.2014.06.22.18.52.42 for (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 22 Jun 2014 18:52:42 -0700 (PDT) Date: Sun, 22 Jun 2014 18:52:41 -0700 From: Patrick To: Chris Maness Message-ID: <56661E7D781742348823CD9431ACA148@gmail.com> In-Reply-To: References: Subject: Re: PAM: Authentication Attack? X-Mailer: sparrow 1.3.5 (build 507.62) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: "=?utf-8?Q?freebsd-questions=40freebsd.org?=" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jun 2014 01:52:43 -0000 If you haven't settled on anything, I've found fail2ban to be extremely powerful, flexible, and quick to respond. Comes with lots of examples for different firewall configs. If memory serves, it's security/py-fail2ban in ports. Patrick On Sunday, June 22, 2014 at 8:28, Chris Maness wrote: > After digging around I am going to use sshgaurd-pf. Any opinions on > this software? > > Chris > > On Sun, Jun 22, 2014 at 8:00 AM, Chris Maness wrote: > > I am running denyhost for failed sshd logins, but I am not sure if it > > blocks passwordless PAM attempts. I am having a lot of hits right now > > on PAM failures for my root account. > > > > Any suggestions as far as a good way to deal with this? > > > > Thanks, > > Chris > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >