Date: Tue, 24 Apr 2007 18:05:30 -0400 From: Christopher Hilton <chris@vindaloo.com> To: User Questions <freebsd-questions@freebsd.org> Subject: Re: Defending against SSH attacks with pf Message-ID: <462E7F2A.10202@vindaloo.com> In-Reply-To: <20070416184315.GA93730@idoru.cepheid.org> References: <20070415200255.18e6ab3f.wmoran@potentialtech.com> <20070416184315.GA93730@idoru.cepheid.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Erik Osterholm wrote: > On Sun, Apr 15, 2007 at 08:02:55PM -0400, Bill Moran wrote: >> There was some discussion on this list not too long ago, and someone >> asked if I was willing to make my pf config and the associated scripts >> I wrote for it public. I would have posted on the original thread, >> but I can't find it now. >> >> Here is the information: >> http://www.potentialtech.com/cms/node/16 >> >> First: I'm not sure if the group got to it and I'm posting to a very stale thread here but I've found that the best way to defeat these password scanning ssh bots is to disallow passwords allowing public/private key authentication in their stead. Unfortunately this isn't always possible. Bill's method is a very close second. Second: I love the simplicity of the stateless firewall rules in Bill's pf.conf. I may have to look at implementing that here. -- Chris -- __o "All I was doing was trying to get home from work." _`\<,_ -Rosa Parks ___(*)/_(*)___________________________________________________________ Christopher Sean Hilton <chris | at | vindaloo.com> pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?462E7F2A.10202>