Date: Tue, 30 Sep 2008 17:09:33 +0200 From: Daniel Gerzo <danger@FreeBSD.org> To: Jeremy Chadwick <koitsu@FreeBSD.org> Cc: freebsd-hackers@FreeBSD.org, Rich Healey <healey.rich@gmail.com> Subject: Re: SSH Brute Force attempts Message-ID: <33bf69ba4e07a4aea346fc25f7939bc7@services.rulez.sk> In-Reply-To: <20080930033033.GA35849@icarus.home.lan> References: <48E16E93.3090601@gmail.com> <20080930033033.GA35849@icarus.home.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello guys, On Mon, 29 Sep 2008 20:30:33 -0700, Jeremy Chadwick <koitsu@FreeBSD.org> wrote: > On Tue, Sep 30, 2008 at 10:10:59AM +1000, Rich Healey wrote: >> Recently I'm getting a lot of brute force attempts on my server, in the >> past I've used various tips and tricks with linux boxes but many of them >> were fairly linux specific. >> >> What do you BSD guys use for this purpose? > > This probably should've gone to -security, correct. > > There are 3 ports which people often use for solving this: > > ports/security/blocksshd > ports/security/sshblock > ports/security/sshguard-(pf|ipfw|ipfilter) There's also a tool written by me which can be found in security/bruteforceblocker - you may read a bit about it on http://danger.rulez.sk/index.php/bruteforceblocker/. The official release currently works only with pf, but I know there's a person working towards porting it to ipf/ipfw. He recently ported it to iptables and added CIDR support for whitelists, but I haven't had a time to review his changes, however once I get to it I will release a new version. -- Best regards Daniel Geržo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?33bf69ba4e07a4aea346fc25f7939bc7>