From owner-freebsd-current@FreeBSD.ORG Tue Oct 7 01:14:41 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 235BF1065687 for ; Tue, 7 Oct 2008 01:14:41 +0000 (UTC) (envelope-from sk@elegosoft.com) Received: from mx0.elegosoft.com (mx0.elegosoft.com [88.198.54.133]) by mx1.freebsd.org (Postfix) with ESMTP id D160A8FC1C for ; Tue, 7 Oct 2008 01:14:40 +0000 (UTC) (envelope-from sk@elegosoft.com) Received: from localhost (localhost [127.0.0.1]) by mx0.elegosoft.com (Postfix) with ESMTP id 9223144002; Tue, 7 Oct 2008 03:14:38 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mx0.elegosoft.com Received: from mx0.elegosoft.com ([127.0.0.1]) by localhost (mx0.elegosoft.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mR-CsA4Vs0js; Tue, 7 Oct 2008 03:14:31 +0200 (CEST) Received: from mail.elegosoft.com (localhost [127.0.0.1]) by mx0.elegosoft.com (Postfix) with ESMTP id 8C8B644001; Tue, 7 Oct 2008 03:14:31 +0200 (CEST) Received: from 82.41.242.250 (SquirrelMail authenticated user sk) by mail.elegosoft.com with HTTP; Tue, 7 Oct 2008 03:14:31 +0200 (CEST) Message-ID: <5073.82.41.242.250.1223342071.squirrel@mail.elegosoft.com> In-Reply-To: <48E829D6.1000902@gmail.com> References: <48E16E93.3090601@gmail.com> <48E4368E.4020404@gmail.com> <4046.82.41.242.250.1223173482.squirrel@mail.elegosoft.com> <48E829D6.1000902@gmail.com> Date: Tue, 7 Oct 2008 03:14:31 +0200 (CEST) From: sk@elegosoft.com To: "Eitan Adler" User-Agent: SquirrelMail/1.4.9a MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Mailman-Approved-At: Tue, 07 Oct 2008 02:17:07 +0000 Cc: freebsd-current@freebsd.org Subject: Re: SSH Brute Force attempts X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2008 01:14:41 -0000 > sk@elegosoft.com wrote: mornin' > Rich Healey wrote: > Recently I'm getting a lot of brute force attempts on my server, in > the past I've used various tips and tricks with linux boxes but many of > them were fairly linux specific. > disable pasword authentication OR use very strong passwords (24 chars) > OR use OTP >> if it is applicable you could limit access by hosts (from=) >> nothing of the above is linux or BSD specific >> btw. Software to delay Login Attempts could be tricked. > Which software? how? I was talking fail2ban http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4321 http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=denyhosts regards Stefan