Date: Tue, 25 Jan 2005 10:30:48 +0100 From: Christian Tischler <mail@myunix.net> To: freebsd-questions@freebsd.org Subject: Re: Banning ips for some time? Message-ID: <41F611C8.4070104@myunix.net> In-Reply-To: <134496582.20050125102442@wanadoo.fr> References: <41F60ECC.8050206@myunix.net> <134496582.20050125102442@wanadoo.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Anthony Atkielski wrote: >Christian Tischler writes: > >CT> Hi, >CT> as I have an DSL line witch is 24/7 online (coming from an big and >CT> popular provider) my servers sshd reports 30 to 50 failed >CT> root/operator/etc. logins a day. I would like to block the incoming ip >CT> for a few days automaticly after e.g failed login requests. >CT> Currently I am using ipf, but it would be no problem to use any other >CT> FreeBSD firewall. >CT> This is not only for security reasons, but also to shorten the daily >CT> security run output :-) > >Do you have a need to access your server from the outside Net? If not, >you can just block the SSH port entirely at the firewall (which is what >I do). > >Almost doesn't count in securityland, so as long as the logins are >failing, they're not a security risk, just a nuisance. > > > I do need the ssh access. Christian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41F611C8.4070104>