From owner-freebsd-security@FreeBSD.ORG Mon May 10 12:26:10 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7ADFB16A4CE for ; Mon, 10 May 2004 12:26:10 -0700 (PDT) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5596943D39 for ; Mon, 10 May 2004 12:26:10 -0700 (PDT) (envelope-from marquis@roble.com) Received: from localhost (localhost [127.0.0.1]) by mx5.roble.com (Postfix) with ESMTP id 0F5442C6AB for ; Mon, 10 May 2004 12:26:10 -0700 (PDT) Date: Mon, 10 May 2004 12:26:10 -0700 (PDT) From: Roger Marquis To: freebsd-security@freebsd.org In-Reply-To: <20040510190058.3DC2E16A4F3@hub.freebsd.org> References: <20040510190058.3DC2E16A4F3@hub.freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Message-Id: <20040510192610.0F5442C6AB@mx5.roble.com> Subject: Re: rate limiting sshd connections ? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2004 19:26:10 -0000 Mike Tancsa wrote: >Does anyone know of a way to rate limit ssh connections from an IP address? We've used inetd for this for several few years. Works great. Aside from having more connection limiting features inetd is also easier to configure on non-standard ports, uses less memory (1K vs 5K), and has a simpler (and by extension more secure) code base. -- Roger Marquis Roble Systems Consulting http://www.roble.com/