From owner-freebsd-questions@FreeBSD.ORG  Tue Sep 19 20:56:00 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A2A1916A4EE
	for <questions@freebsd.org>; Tue, 19 Sep 2006 20:56:00 +0000 (UTC)
	(envelope-from danm@prime.gushi.org)
Received: from prime.gushi.org (prime.gushi.org [72.9.101.130])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 326F243DA3
	for <questions@freebsd.org>; Tue, 19 Sep 2006 20:55:49 +0000 (GMT)
	(envelope-from danm@prime.gushi.org)
Received: from prime.gushi.org (localhost [127.0.0.1])
	by prime.gushi.org (8.13.6/8.13.6) with ESMTP id k8JKtnt6005817
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <questions@freebsd.org>; Tue, 19 Sep 2006 16:55:49 -0400 (EDT)
	(envelope-from danm@prime.gushi.org)
DKIM-Signature: a=rsa-sha1; c=simple/simple; d=prime.gushi.org; s=default;
	t=1158699349; bh=31ZiCR1VJwTuPB1yAai5vF34/aQ=; h=DomainKey-Signature:
	Received:Date:From:To:Subject:Message-ID:MIME-Version:
	Content-Type; b=u7qpw0r/7cFndtkDtG63DC0Ey+bFUtlBmwZWRktbIQVK9pK9JAm
	VSkKDL2z6UNkEt/Pb80dd+c4kURpV4wJo6g==
DomainKey-Signature: a=rsa-sha1; s=-l; d=prime.gushi.org; c=simple; q=dns;
	h=received:date:from:to:subject:message-id:mime-version:content-type;
	b=lmR2z4fy/E7JAowlUDvGUx46of5D6K3qiwcQVwJVubnUXWjE73hScUZwPRmB7lBuR
	jb4Ggu8jcsAHmHT3q8Y/g==
Received: (from danm@localhost)
	by prime.gushi.org (8.13.6/8.13.6/Submit) id k8JKtnLa005815;
	Tue, 19 Sep 2006 16:55:49 -0400 (EDT) (envelope-from danm)
Date: Tue, 19 Sep 2006 16:55:48 -0400 (EDT)
From: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To: questions@freebsd.org
Message-ID: <20060919165400.A4380@prime.gushi.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: 
Subject: sshd brute force attempts?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Sep 2006 20:56:00 -0000

Hey all,

I've looked around and found several linux-centric things designed to 
block brute-force SSH attempts.  Anyone out there know of something a bit 
more BSD savvy?

My best attempt will be to get this:

http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html

running and adapt it.

I've found a few things based on openBSD's pf, but that doesn't seem to be 
the default in BSD either.

Any response appreciated.

-Dan

--

"Is Gushi a person or an entity?"
"Yes"

-Bad Karma, August 25th 2001, Ezzi Computers, Quoting himself earler, referring to Gushi

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------