Date: Tue, 25 Aug 2015 08:36:20 -0700 From: "Brian W." <brian@brianwhalen.net> To: Adam Vande More <amvandemore@gmail.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org>, Dan Busarow <dan@buildingonline.com> Subject: Re: Blocking SSH access based on bad logins? Message-ID: <CADV=szVEaAC2jd5JLzETuwRYG0OmLQVhyEWTh-ZEDq66btaAxQ@mail.gmail.com> In-Reply-To: <CA%2BtpaK3it_rjN1DmnUtEYEkxpDM1RH6pB2C4C1HKXope_Q%2BY1Q@mail.gmail.com> References: <CA%2Bsg5RRppb8-paYnYtL8UMnSfP0ebzUwtM4LLNGayudCwXpyag@mail.gmail.com> <20150825162841.b8f840ab.freebsd@edvax.de> <1440514692.6714.13.camel@michaeleichorn.com> <55DC8527.7000802@buildingonline.com> <CADV=szV%2B8qktKSCY4q9khEWfjL-R36Kt%2Btu5EEDAzcohY0noHQ@mail.gmail.com> <CA%2BtpaK3it_rjN1DmnUtEYEkxpDM1RH6pB2C4C1HKXope_Q%2BY1Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The other thing I like about denyhosts is there is an option where u can upload your bad host data to a server and other users can optionally select to receive that data and add it to their hosts.whatever file. Brian On Aug 25, 2015 8:29 AM, "Adam Vande More" <amvandemore@gmail.com> wrote: > On Tue, Aug 25, 2015 at 10:22 AM, Brian W. <brian@brianwhalen.net> wrote: > >> There is a port called denyhosts that works pretty well. There is a single >> configuration file and you just edit that to what you want. It adds a >> hosts.deniedssh file that it writes data to based on log activity. >> > > Technically, you add the /etc/hosts.deniedssh file and that is really just > an arbitrary design. It could just as well be /etc/hosts.allow for many > setups. > > Also denyhosts is still the only blocker which is able to proactively > block known bad hosts(and not by default). At least is used to work, not > sure if that part still does. > > -- > Adam >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADV=szVEaAC2jd5JLzETuwRYG0OmLQVhyEWTh-ZEDq66btaAxQ>