Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 18 Mar 2006 10:00:28 -0800
From:      Wes Santee <wsantee@gmail.com>
To:        Chris Maness <chris@chrismaness.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: How to Stop Bruit Force ssh Attempts?
Message-ID:  <441C4ABC.2090102@gmail.com>
In-Reply-To: <441C45BA.1030106@chrismaness.com>
References:  <441C45BA.1030106@chrismaness.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chris Maness wrote:
> In my auth log I see alot of bruit force attempts to login via ssh.  Is
> there a way I can have the box automatically kill any tcp/ip
> connectivity to hosts that try and fail a given number of times?  Is
> there a port or something that I can install to give this kind of
> protection.  I'm still kind of a FreeBSD newbie.

security/bruteforeceblocker (requires pf as the firewall)

security/denyhosts (uses tcp_wrappers and /etc/hosts.allow)

security/sshit (requires ipfw as firewall)

I rolled my own solution and haven't used any of these, so I don't know
how well they work in practice.  They probably all require some initial
setup and configuration.

Cheers,
- -Wes



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iQIVAwUBRBxKu4rq8W17hxGfAQh0cQ/+NjUEnYUHJgrLiq49OLvqbsH8XxXecEN0
pL2XnZ8ACv5SIVR7/ng2SO2o4HwRpc0Oio+r5GKRionnkDja4+fxxSr1hwlnQ/cC
ifm00QwSR21m8kCFnKKyl6GfrQAOa8aBXLx1+xT/FYY/wxNB5I2Otoj0BcuGrIMq
3qqhh7DT4ABVYVEtJiu3PcUr6hTU+oNnj/gvlF+lUlEI0m5WbcZPqs8cZXKFwTfa
XuK7X2LvyZMjlibfFPsVWnpCyV31L8dRfy7CrZpfe3y/RsVuww9/tC2ErzNLPlZX
6h9g41G50WNzGsv/DU6VbdiqnHEaKfmtECPH0dL/YSUYqIzC/Jj8i8IeUsL1MoIy
gLaAafy1yPGGFJlkq1erBc/KUQFcPCIoNI0ENvKMwOcbq+c+U+McdmXUqOfggKMZ
aXyklduBAF98+NewIVdAVrv69ImHVbouDj6WsyByGM9qkxFlJ5/vp6n410WUEsmd
+EkAM3h9I47xJ5/MQ/QM4mVuqY+Uqv4hkRR2xrSSXk5yquztCBvKQ94peawOZEQ9
6V6x0MfI9xNqGWvcS2cGVTbrs/TLtAa5yGLyn+TXbfIXVV8gdb9X7scWLW62TePb
b16uiRclzwBmwSyZBcZNDizchpJ9bYBVjDjt1r60PDDyBp4T9swqufdA7ypQVGzh
R7/orRajLkE=
=ztIl
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441C4ABC.2090102>