From owner-freebsd-questions@FreeBSD.ORG  Sat Mar 18 17:52:25 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0DCA816A422
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Mar 2006 17:52:25 +0000 (UTC)
	(envelope-from pergesu@gmail.com)
Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.201])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 45BB343D45
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Mar 2006 17:52:20 +0000 (GMT)
	(envelope-from pergesu@gmail.com)
Received: by zproxy.gmail.com with SMTP id l8so803767nzf
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Mar 2006 09:52:19 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=fUOrd3XAhytpKmm6GcxjKa1rMNz64E4Q7k53fZYkpf5aRG6VzLTA1hOuNFHQmgbGjTLVC22z5ZNFFHEO4PX1Bc1nn3IsGQqV1lmjOToGiA24CTXzrg8bvTLQ+Tp7ISVZ7K+0rsPEVPYIfzs+94EKybPX1+oeqOzDU1/XLAFZDqs=
Received: by 10.36.84.15 with SMTP id h15mr3846240nzb;
	Sat, 18 Mar 2006 09:52:19 -0800 (PST)
Received: by 10.36.50.5 with HTTP; Sat, 18 Mar 2006 09:52:19 -0800 (PST)
Message-ID: <810a540e0603180952i104c77c3ld532ce31d7922a33@mail.gmail.com>
Date: Sat, 18 Mar 2006 10:52:19 -0700
From: "Pat Maddox" <pergesu@gmail.com>
To: "FreeBSD Questions" <freebsd-questions@freebsd.org>
In-Reply-To: <441C45BA.1030106@chrismaness.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <441C45BA.1030106@chrismaness.com>
Subject: Re: How to Stop Bruit Force ssh Attempts?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Mar 2006 17:52:25 -0000

The best thing you can do is move SSH to another port and disable
password authentication, and use keys instead.

Pat

On 3/18/06, Chris Maness <chris@chrismaness.com> wrote:
> In my auth log I see alot of bruit force attempts to login via ssh.  Is
> there a way I can have the box automatically kill any tcp/ip
> connectivity to hosts that try and fail a given number of times?  Is
> there a port or something that I can install to give this kind of
> protection.  I'm still kind of a FreeBSD newbie.
>
> Thanks,
> Chris Maness
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o=
rg"
>