Date: Mon, 3 Oct 2005 01:47:54 +0100 From: Subhi S Hashwa <lists@subhi.com> To: Don Lewis <truckman@FreeBSD.org> Cc: freebsd-security@FreeBSD.org Subject: Re[2]: Repeated attacks via SSH Message-ID: <1323455932.20051003014754@subhi.com> In-Reply-To: <200510022208.j92M8joS016722@gw.catspoiler.org> References: <6.2.3.4.2.20051002153930.07a50528@localhost> <200510022208.j92M8joS016722@gw.catspoiler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sunday, October 2, 2005, 11:08:45 PM, Don Lewis wrote: > It's also a good idea to only allow public key authentication from > remote hosts. This avoids the risks of password guessing and password > capture by shoulder surfers or key loggers. I came across this package in ports, which could be useful in this type of situation /usr/ports/security/bruteforceblocker BruteForceBlocker is a script, that works along with pf - OpenBSD's firewall. When this script is running, it checks sshd's auth log for Failed Password attempts and counts it's number. When given IP reaches specified number of fails, script adds this IP to the pf's table and block any other traffic to the given box. If you are bored of those automated auth tries, you will be happy with this script. WWW: http://danger.rulez.sk/projects/bruteforceblocker/ -- Best regards, Subhi S Hashwa mailto:lists@subhi.com When everything is heading your way, you're in the wrong lane.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1323455932.20051003014754>