Date: Tue, 30 Sep 2008 08:38:56 +0100 From: Bob Bishop <rb@gid.co.uk> To: Rich Healey <healey.rich@gmail.com> Cc: freebsd-hackers@freebsd.org Subject: Re: SSH Brute Force attempts Message-ID: <79B5654C-62A9-4D8B-9556-2C38D6D51452@gid.co.uk> In-Reply-To: <48E16E93.3090601@gmail.com> References: <48E16E93.3090601@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
On 30 Sep 2008, at 01:10, Rich Healey wrote:
> Recently I'm getting a lot of brute force attempts on my server, in
> the
> past I've used various tips and tricks with linux boxes but many of
> them
> were fairly linux specific.
>
> What do you BSD guys use for this purpose?
[various solutions proposed]
I too would worry about having something automatically updating filter
rulesets. An alternative is to blackhole route the offending source, eg:
route -nq add -host a.b.c.d 127.0.0.1 -blackhole
WHatever solution you adopt, the ability to whitelist is a very good
idea (especially if you are as inaccurate a typist as I am). And I'd
second what others have said about avoiding passwords altogether if
it's possible in your situation.
--
Bob Bishop +44 (0)118 940 1243
rb@gid.co.uk fax +44 (0)118 940 1295
mobile +44 (0)783 626 4518
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79B5654C-62A9-4D8B-9556-2C38D6D51452>