Date: Tue, 25 Aug 2015 10:29:04 -0500 From: Adam Vande More <amvandemore@gmail.com> To: "Brian W." <brian@brianwhalen.net> Cc: Dan Busarow <dan@buildingonline.com>, FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: Blocking SSH access based on bad logins? Message-ID: <CA%2BtpaK3it_rjN1DmnUtEYEkxpDM1RH6pB2C4C1HKXope_Q%2BY1Q@mail.gmail.com> In-Reply-To: <CADV=szV%2B8qktKSCY4q9khEWfjL-R36Kt%2Btu5EEDAzcohY0noHQ@mail.gmail.com> References: <CA%2Bsg5RRppb8-paYnYtL8UMnSfP0ebzUwtM4LLNGayudCwXpyag@mail.gmail.com> <20150825162841.b8f840ab.freebsd@edvax.de> <1440514692.6714.13.camel@michaeleichorn.com> <55DC8527.7000802@buildingonline.com> <CADV=szV%2B8qktKSCY4q9khEWfjL-R36Kt%2Btu5EEDAzcohY0noHQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 25, 2015 at 10:22 AM, Brian W. <brian@brianwhalen.net> wrote: > There is a port called denyhosts that works pretty well. There is a single > configuration file and you just edit that to what you want. It adds a > hosts.deniedssh file that it writes data to based on log activity. > Technically, you add the /etc/hosts.deniedssh file and that is really just an arbitrary design. It could just as well be /etc/hosts.allow for many setups. Also denyhosts is still the only blocker which is able to proactively block known bad hosts(and not by default). At least is used to work, not sure if that part still does. -- Adam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BtpaK3it_rjN1DmnUtEYEkxpDM1RH6pB2C4C1HKXope_Q%2BY1Q>