Date: Mon, 10 Jan 2005 18:07:14 -0600 From: Chris <racerx@makeworld.com> To: artware <artware@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Blacklisting IPs Message-ID: <41E318B2.3020108@makeworld.com> In-Reply-To: <fd091951050109222052228399@mail.gmail.com> References: <20050110035717.27062.qmail@web41008.mail.yahoo.com> <fd091951050109222052228399@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
artware wrote: > Hello again, > > My 5.3R system has only been up a little over a week, and I've already > had a few breakin attempts -- they show up as Illegal user tests in > the /var/log/auth.log... It looks like they're trying common login > names (probably with the login name used as passwd). It takes them > hours to try a dozen names, but I'd rather not have any traffic from > these folks. Is there any way to blacklist IPs at the system level, or > do I have to hack something together for each daemon? > > - ben > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > Here's what I do - as root: route -nq add -host xxx.xxx.xxx.xxx 127.0.0.1 -blackhole To the attacker, it looks as if you dropped off the net. -- Best regards, Chris To save disk space in your home directory, compress files you rarely use with "gzip filename". -- Dru <genesis@istar.ca>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41E318B2.3020108>