From owner-freebsd-questions@FreeBSD.ORG Wed Sep 20 14:29:02 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6445316A412 for ; Wed, 20 Sep 2006 14:29:02 +0000 (UTC) (envelope-from heli@mikestammer.com) Received: from smtp106.sbc.mail.re2.yahoo.com (smtp106.sbc.mail.re2.yahoo.com [68.142.229.99]) by mx1.FreeBSD.org (Postfix) with SMTP id 1F2BF43D78 for ; Wed, 20 Sep 2006 14:28:57 +0000 (GMT) (envelope-from heli@mikestammer.com) Received: (qmail 13595 invoked from network); 20 Sep 2006 14:28:57 -0000 Received: from unknown (HELO gondolin.mikestammer.com) (mikestammer@sbcglobal.net@75.2.247.121 with login) by smtp106.sbc.mail.re2.yahoo.com with SMTP; 20 Sep 2006 14:28:56 -0000 Received: from localhost (localhost [127.0.0.1]) by gondolin.mikestammer.com (Postfix) with ESMTP id 6B039ED for ; Wed, 20 Sep 2006 09:28:56 -0500 (CDT) X-Virus-Scanned: amavisd-new at mikestammer.com Received: from gondolin.mikestammer.com ([127.0.0.1]) by localhost (gondolin.middleearth.mikestammer.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BxjdC2go-Vuf for ; Wed, 20 Sep 2006 09:28:54 -0500 (CDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: eric) by gondolin.mikestammer.com (Postfix) with ESMTP id 43C02EB for ; Wed, 20 Sep 2006 09:28:54 -0500 (CDT) Message-ID: <45115025.5010803@mikestammer.com> Date: Wed, 20 Sep 2006 09:28:53 -0500 From: Eric User-Agent: Thunderbird 1.5.0.5 (Windows/20060719) MIME-Version: 1.0 To: questions@freebsd.org References: <20060919165400.A4380@prime.gushi.org> <70e8236f0609191412p5779d94cqa16df5631f4de916@mail.gmail.com> <4511483C.6080607@reyrey.net> In-Reply-To: <4511483C.6080607@reyrey.net> X-Enigmail-Version: 0.94.1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Subject: Re: sshd brute force attempts? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 14:29:02 -0000 Elijah Savage wrote: > Joao Barros wrote: >> On 9/19/06, Dan Mahoney, System Admin wrote: >>> Hey all, >>> >>> I've looked around and found several linux-centric things designed to >>> block brute-force SSH attempts. Anyone out there know of something a >>> bit >>> more BSD savvy? >> > I use /usr/ports/security/denyhost > > It was very easy to install and setup the config file is commented so > well and has so many different parameters. I get reports like this > anytime my thresholds are crossed. > > Added the following hosts to /etc/hosts.deniedssh: > > 124.107.6.37 (124.107.6.37.pldt.net) another vote for denyhost. it works well and stops the attacks. Even tho i use keys and not passwords, i still use it.