From owner-freebsd-stable@FreeBSD.ORG Mon Dec 28 23:50:36 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F0F9F1065679 for ; Mon, 28 Dec 2009 23:50:35 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) by mx1.freebsd.org (Postfix) with ESMTP id C2D658FC19 for ; Mon, 28 Dec 2009 23:50:34 +0000 (UTC) Received: by pwi15 with SMTP id 15so7170809pwi.3 for ; Mon, 28 Dec 2009 15:50:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=13ORpyoBhHjDlSWmcKHSwO0kGTqM7ng3X0vPMgc5PGQ=; b=OavE7QZnlgITD45DfK//pmFrrJHorTkuo6yQzOGhDUH4TTtVMvBwExZ9BSK6OFNByl FeKfMXJLrL5iujOTblcd+6iJTceyg1klag0psPI782uj28vjSJO2tq5GgR41NyUt2lqv 3r60m9KthpEYsZz5+Wm+nfR/SwZUvmchL+Uss= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=Eqylk9E4+BjobTaUbf8yV6CsPq5me0BQhIcKe0szFbrRY6r4ylvHXAweFL3PKP4bCy RCmWSU6mgZLD/PBZLhNou2Y+nzfERXWjjU3bha6eTfdXkvkTQFFRV1HSZu3JnUp+Qz6p pHoDtBuiqkUMkrr/9zW6fAKN7rKNx2Kw+mU4o= MIME-Version: 1.0 Received: by 10.142.7.18 with SMTP id 18mr10669927wfg.126.1262044224023; Mon, 28 Dec 2009 15:50:24 -0800 (PST) In-Reply-To: <8bdcbc5f08e9b762c3d2dcfe2fd00558.HRCIM@webmail.1command.com> References: <4B20B509.4050501@yahoo.it> <600C0C33850FFE49B76BDD81AED4D25801371D8056@IMCMBX3.MITRE.ORG> <600C0C33850FFE49B76BDD81AED4D25801371D8737@IMCMBX3.MITRE.ORG> <8bdcbc5f08e9b762c3d2dcfe2fd00558.HRCIM@webmail.1command.com> Date: Mon, 28 Dec 2009 17:50:23 -0600 Message-ID: <6201873e0912281550w34937b9eg3498547722739aee@mail.gmail.com> From: Adam Vande More To: Chris H Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-stable@freebsd.org Subject: Re: Hacked - FreeBSD 7.1-Release X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2009 23:50:36 -0000 On Mon, Dec 28, 2009 at 4:59 PM, Chris H wrote: > > My point here was that by increasing the verbosity, you will more easily be > able > to grep against login /failures/, and more easily discover dictionary/ > brute-force > attacks. It's certainly made my job easier, and hasn't required any > modifications > to our current policies. You /have/ considered PF(4), haven't you? It's > /really/ > an excellent strategy for securing your network. > > --Chris H > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > I use security/denyhosts for this, very simple to setup like 5 minutes if you're a fast reader. There are other options as well that offer similar functionality. -- Adam Vande More