From owner-freebsd-questions@FreeBSD.ORG Tue Feb 13 15:00:57 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 194F216A406 for ; Tue, 13 Feb 2007 15:00:57 +0000 (UTC) (envelope-from karol.kwiat@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx1.freebsd.org (Postfix) with ESMTP id 6CF7313C4B8 for ; Tue, 13 Feb 2007 15:00:56 +0000 (UTC) (envelope-from karol.kwiat@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so197090ugh for ; Tue, 13 Feb 2007 07:00:43 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:openpgp:content-type; b=GVTSoEEDm9fenW5S2HgRlkaq0c08ro44vk0Eqt67FF0kcOMhYtxMboL++jXsbbkjkcvCPPQEgZgTkCLMX6SNRPUyfKOhgB7FsyTQydn87lAme5m6Zrc1Uf2T7+j+9Juvs/jl9jQfVlzex2PvDUyq9SFdWTBL4xZqHtOENvtNeUQ= Received: by 10.66.243.4 with SMTP id q4mr16550637ugh.1171378843475; Tue, 13 Feb 2007 07:00:43 -0800 (PST) Received: from blackacidevil.orchid.homeunix.org ( [84.10.174.25]) by mx.google.com with ESMTP id q1sm12135083uge.2007.02.13.07.00.39; Tue, 13 Feb 2007 07:00:40 -0800 (PST) Message-ID: <45D1D27F.5090401@gmail.com> Date: Tue, 13 Feb 2007 16:00:15 +0100 From: Karol Kwiatkowski User-Agent: Thunderbird 2.0b2 (X11/20070130) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <45CEC7A4.7030802@ephgroup.com> <87tzxqpko3.fsf@thingy.datadok.no> <3814.192.168.16.2.1171354601.squirrel@lists.lc-words.com> <3ee9ca710702130600j61d84c87vb6930398ab9984d6@mail.gmail.com> In-Reply-To: <3ee9ca710702130600j61d84c87vb6930398ab9984d6@mail.gmail.com> X-Enigmail-Version: 0.94.2.0 OpenPGP: id=06E09309; url=http://www.orchid.homeunix.org/carlos/gpg/0x06E09309.asc Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig90A922C616AA725F1571873A" Subject: Re: Onpening and Closing ports X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: karol.kwiat@gmail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Feb 2007 15:00:57 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig90A922C616AA725F1571873A Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Andy Greenwood wrote: > On 2/13/07, Zbigniew Szalbot wrote: >> Hello, >> >> Peter N. M. Hansteen wrote: >> > You can head them off rather easily with a short PF rule set, see >> > eg http://home.nuug.no/~peter/pf/en/bruteforce.html. >> > >> > They can actually be fun to watch :) >> >> It was funny for me because I set the max con rule to 10 and then logg= ed >> in 10 times to see if that would work. Of course that did (silly me!) = and >> as a result I blocked myself the access to the machine. I logged in fr= om >> another IP and commented out the pf.conf file entries for the brutefor= ce >> but wonder how to empty the table (so that it does not contain my ip) = and >> enable the bruteforce defence again. >=20 > man pfctl. Specifically the -T switch. Also, have a look at security/expiretable. You can automagically remove entries from tables after specified time. It is mentioned in the article linked above [1]. HTH, Karol [1] http://home.nuug.no/~peter/pf/en/bruteforce.html --=20 Karol Kwiatkowski OpenPGP 0x06E09309 --------------enig90A922C616AA725F1571873A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF0dKGezeoPAwGIYsRCGUdAKCUduGdtEpIYz7jEpMjHwmO5q6WJgCeMd/F l/4gxAhZp6XxT3AWsYgHRzg= =D46p -----END PGP SIGNATURE----- --------------enig90A922C616AA725F1571873A--