From owner-freebsd-questions@FreeBSD.ORG  Thu Aug 25 22:24:48 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 06CA316A41F
	for <freebsd-questions@freebsd.org>;
	Thu, 25 Aug 2005 22:24:48 +0000 (GMT)
	(envelope-from maarfree@xs4all.nl)
Received: from smtp-vbr12.xs4all.nl (smtp-vbr12.xs4all.nl [194.109.24.32])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 736F943D48
	for <freebsd-questions@freebsd.org>;
	Thu, 25 Aug 2005 22:24:47 +0000 (GMT)
	(envelope-from maarfree@xs4all.nl)
Received: from maarten.sandersatkins.nl (a80-127-55-226.adsl.xs4all.nl
	[80.127.55.226])
	by smtp-vbr12.xs4all.nl (8.13.3/8.13.3) with ESMTP id j7PMOkRP043450
	for <freebsd-questions@freebsd.org>;
	Fri, 26 Aug 2005 00:24:46 +0200 (CEST)
	(envelope-from maarfree@xs4all.nl)
From: Maarten Sanders <maarfree@xs4all.nl>
To: "'FreeBSD Questions'" <freebsd-questions@freebsd.org>
In-Reply-To: <20050825112237.GE45634@topper.cteresource.org>
References: <810a540e0508232127737d91fb@mail.gmail.com>
	<200508241119671.SM00756@chris>
	<20050825112237.GE45634@topper.cteresource.org>
Content-Type: text/plain
Date: Fri, 26 Aug 2005 00:24:48 +0200
Message-Id: <1125008688.39123.14.camel@maarten>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.3 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by XS4ALL Virus Scanner
Subject: Re: Illegal access attempt - FreeBSD 5.4 Release - please advise
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Aug 2005 22:24:48 -0000

On Thu, 2005-08-25 at 07:22 -0400, Lee Capps wrote:
> On 11:18 Wed 24 Aug     , Chris St Denis wrote:
> > How can I easily auto deny after x failed attempts? Is this an sshd setting?
> > I could find it.
> > 
> > Is there something in ports that will firewall off somebody who is brute
> > forcing?
> 
> In addition to adding entries to /etc/hosts.allow you could try
> DenyHosts:
> 
> http://denyhosts.sourceforge.net/
> 
> I didn't find a port, but it works with FreeBSD and isn't too onerous to
> install.
> 
> HTH,
> 
> Lee
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> 
Nice suggestion, but how do I enable tcp_wrappers with sshd?

See : http://denyhosts.sourceforge.net/ssh_config.html 
I tried adding 

sshd: 127.0.0.1 : deny to /etc/hosts.allow but I failed the described
test. 

Maarten