Date: Sun, 5 Feb 2006 10:41:49 -0500 (EST) From: "Michael A. Alestock" <michaela@maa-net.net> To: questions@freebsd.org Subject: IP Banning (Using IPFW) Message-ID: <20060205103027.D7469@bsd.maa-net.net>
next in thread | raw e-mail | index | archive | help
Hello, I was wondering if there's some sort of port available that can actively ban IPs that try and bruteforce a service such as SSH or Telnet, by scanning the /var/log/auth.log log for Regex such as "Illegal User" or "LOGIN FAILURES", and then using IPFW to essentially deny (ban) that IP for a certain period of time or possibly forever. I've seen a very useful one that works for linux (fail2ban), and was wondering if one exists for FreeBSD's IPFW? I've looked around in /usr/ports/security and /usr/ports/net but can't seem to find anything that closely resembles that. Your help would be greatly appreciated.... Thanks in advance! >> Michael A., USA... Loyal FreeBSD user since 2000.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060205103027.D7469>