Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 20 Mar 2010 23:17:24 +0100
From:      Vadkan Jozsef <jozsi.avadkan@gmail.com>
To:        FreeBSD Mailing list <freebsd-questions@freebsd.org>
Subject:   bruteforce protection howto
Message-ID:  <1269123444.32263.53.camel@ubuntu>

next in thread | raw e-mail | index | archive | help
Two pc's:

1 - router
2 - logger

Situation: someone tries to bruteforce into a server, and the logger
get's a log about it [e.g.: ssh login failed].

What's the best method to ban that ip [what is bruteforcig a server]
what was logged on the logger?
I need to ban the ip on the router pc.

How can i send the bad ip to the router, to ban it?

Just run a cronjob, and e.g.: scp the list of ip's from the logger to
the router, then ban the ip from the list on the router pc?

Or is there any "offical" method for this?

I'm just asking for docs/howtos.. :\ to get started..

Thank you!




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1269123444.32263.53.camel>