From owner-freebsd-questions@FreeBSD.ORG  Tue Jan  2 13:37:06 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3BAD316A407
	for <questions@freebsd.org>; Tue,  2 Jan 2007 13:37:06 +0000 (UTC)
	(envelope-from roberthuff@rcn.com)
Received: from smtp02.lnh.mail.rcn.net (smtp02.lnh.mail.rcn.net
	[207.172.157.102])
	by mx1.freebsd.org (Postfix) with ESMTP id F2DD213C45E
	for <questions@freebsd.org>; Tue,  2 Jan 2007 13:37:05 +0000 (UTC)
	(envelope-from roberthuff@rcn.com)
Received: from mr08.lnh.mail.rcn.net ([207.172.157.28])
	by smtp02.lnh.mail.rcn.net with ESMTP; 02 Jan 2007 08:37:05 -0500
Received: from smtp01.lnh.mail.rcn.net (smtp01.lnh.mail.rcn.net [207.172.4.11])
	by mr08.lnh.mail.rcn.net (MOS 3.7.5a-GA) with ESMTP id IAQ44090;
	Tue, 2 Jan 2007 08:37:02 -0500 (EST)
Received: from 209-6-203-219.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com (HELO
	jerusalem.litteratus.org.litteratus.org) ([209.6.203.219])
	by smtp01.lnh.mail.rcn.net with ESMTP; 02 Jan 2007 08:37:03 -0500
From: Robert Huff <roberthuff@rcn.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <17818.24164.418874.835516@jerusalem.litteratus.org>
Date: Tue, 2 Jan 2007 08:30:12 -0500
To: questions@freebsd.org
In-Reply-To: <459A5A45.4080309@wmptl.com>
References: <459A5A45.4080309@wmptl.com>
X-Mailer: VM 7.17 under 21.5  (beta27) "fiddleheads" XEmacs Lucid
Cc: 
Subject: sshd break-in attempt
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jan 2007 13:37:06 -0000

Nathan Vidican writes:

>  In our 'periodic daily' report/email, (only the list goes on for
>  hundreds of attempts). Anyhow, long story short; is there not an
>  easy way to make sshd block or deny hosts temporarily if X number of
>  invalid login attempts are made within a minute's time? Must I use
>  an external wrapper to accomplish this, or can it be done with
>  options to sshd on it's own? 

	I don't know of any internal-to-ssh way to do this.  Me, I use
security/denyhosts; it's a minor pain to configure though that only
need be done once.


				Robert Huff