Date: Tue, 13 Feb 2007 16:00:15 +0100 From: Karol Kwiatkowski <karol.kwiat@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Onpening and Closing ports Message-ID: <45D1D27F.5090401@gmail.com> In-Reply-To: <3ee9ca710702130600j61d84c87vb6930398ab9984d6@mail.gmail.com> References: <45CEC7A4.7030802@ephgroup.com> <87tzxqpko3.fsf@thingy.datadok.no> <3814.192.168.16.2.1171354601.squirrel@lists.lc-words.com> <3ee9ca710702130600j61d84c87vb6930398ab9984d6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig90A922C616AA725F1571873A Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Andy Greenwood wrote: > On 2/13/07, Zbigniew Szalbot <zbyszek@szalbot.homedns.org> wrote: >> Hello, >> >> Peter N. M. Hansteen wrote: >> > You can head them off rather easily with a short PF rule set, see >> > eg http://home.nuug.no/~peter/pf/en/bruteforce.html. >> > >> > They can actually be fun to watch :) >> >> It was funny for me because I set the max con rule to 10 and then logg= ed >> in 10 times to see if that would work. Of course that did (silly me!) = and >> as a result I blocked myself the access to the machine. I logged in fr= om >> another IP and commented out the pf.conf file entries for the brutefor= ce >> but wonder how to empty the table (so that it does not contain my ip) = and >> enable the bruteforce defence again. >=20 > man pfctl. Specifically the -T switch. Also, have a look at security/expiretable. You can automagically remove entries from tables after specified time. It is mentioned in the article linked above [1]. HTH, Karol [1] http://home.nuug.no/~peter/pf/en/bruteforce.html --=20 Karol Kwiatkowski <karol.kwiat at gmail dot com> OpenPGP 0x06E09309 --------------enig90A922C616AA725F1571873A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF0dKGezeoPAwGIYsRCGUdAKCUduGdtEpIYz7jEpMjHwmO5q6WJgCeMd/F l/4gxAhZp6XxT3AWsYgHRzg= =D46p -----END PGP SIGNATURE----- --------------enig90A922C616AA725F1571873A--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D1D27F.5090401>