Date: Wed, 20 Sep 2006 09:55:08 -0400 From: Elijah Savage <esavage@reyrey.net> To: Joao Barros <joao.barros@gmail.com> Cc: questions@freebsd.org Subject: Re: sshd brute force attempts? Message-ID: <4511483C.6080607@reyrey.net> In-Reply-To: <70e8236f0609191412p5779d94cqa16df5631f4de916@mail.gmail.com> References: <20060919165400.A4380@prime.gushi.org> <70e8236f0609191412p5779d94cqa16df5631f4de916@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Joao Barros wrote: > On 9/19/06, Dan Mahoney, System Admin <danm@prime.gushi.org> wrote: >> Hey all, >> >> I've looked around and found several linux-centric things designed to >> block brute-force SSH attempts. Anyone out there know of something a >> bit >> more BSD savvy? >> >> My best attempt will be to get this: >> >> http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html >> >> running and adapt it. >> >> I've found a few things based on openBSD's pf, but that doesn't seem >> to be >> the default in BSD either. >> >> Any response appreciated. >> > > I'm using BruteForceBlocker quite successfully. > I take the opportunity to thank danger for it :-) > > http://www.freshports.org/security/bruteforceblocker/ > I use /usr/ports/security/denyhost It was very easy to install and setup the config file is commented so well and has so many different parameters. I get reports like this anytime my thresholds are crossed. Added the following hosts to /etc/hosts.deniedssh: 124.107.6.37 (124.107.6.37.pldt.net)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4511483C.6080607>