Date: Tue, 30 Sep 2008 08:38:56 +0100 From: Bob Bishop <rb@gid.co.uk> To: Rich Healey <healey.rich@gmail.com> Cc: freebsd-hackers@freebsd.org Subject: Re: SSH Brute Force attempts Message-ID: <79B5654C-62A9-4D8B-9556-2C38D6D51452@gid.co.uk> In-Reply-To: <48E16E93.3090601@gmail.com> References: <48E16E93.3090601@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On 30 Sep 2008, at 01:10, Rich Healey wrote: > Recently I'm getting a lot of brute force attempts on my server, in > the > past I've used various tips and tricks with linux boxes but many of > them > were fairly linux specific. > > What do you BSD guys use for this purpose? [various solutions proposed] I too would worry about having something automatically updating filter rulesets. An alternative is to blackhole route the offending source, eg: route -nq add -host a.b.c.d 127.0.0.1 -blackhole WHatever solution you adopt, the ability to whitelist is a very good idea (especially if you are as inaccurate a typist as I am). And I'd second what others have said about avoiding passwords altogether if it's possible in your situation. -- Bob Bishop +44 (0)118 940 1243 rb@gid.co.uk fax +44 (0)118 940 1295 mobile +44 (0)783 626 4518
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79B5654C-62A9-4D8B-9556-2C38D6D51452>