From owner-freebsd-security@FreeBSD.ORG Mon Dec 19 21:29:00 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC76A16A41F for ; Mon, 19 Dec 2005 21:29:00 +0000 (GMT) (envelope-from julian@elischer.org) Received: from a50.ironport.com (a50.ironport.com [63.251.108.112]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3106043D68 for ; Mon, 19 Dec 2005 21:29:00 +0000 (GMT) (envelope-from julian@elischer.org) Received: from unknown (HELO [10.251.17.229]) ([10.251.17.229]) by a50.ironport.com with ESMTP; 19 Dec 2005 13:28:59 -0800 X-IronPort-Anti-Spam-Filtered: true Message-ID: <43A7261A.3090401@elischer.org> Date: Mon, 19 Dec 2005 13:28:58 -0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.11) Gecko/20050727 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Arne Woerner References: <20051219210329.90107.qmail@web30311.mail.mud.yahoo.com> In-Reply-To: <20051219210329.90107.qmail@web30311.mail.mud.yahoo.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Mon, 19 Dec 2005 21:38:24 +0000 Cc: freebsd-security@freebsd.org Subject: Re: Brute Force Detection + Advanced Firewall Policy X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Dec 2005 21:29:00 -0000 Arne Woerner wrote: >--- Hadi Maleki wrote: > > >>Any BFD/AFP softwares available for FreeBSD 4.10? >> >>Im getting flooded with ssh and ftp attempts. >> >> >> >What about a "white list"? I mean, three rules that blocks all >incoming traffic to those ports (21, 22, the others), and then a >rule for each "good IP" that allows the connection... > >Some time ago I have read in this list something about attempts to >guess a SSH username and password... Maybe u can find that thread >in the archive via the Websearch interface? > >Maybe it helps to disallow password athentication, because DSA >public key authentication is much more fun for users and admins... > > possibly look into port-knocking.. >:-)) > >-Arne > > >__________________________________________________ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > >