Date: Sat, 22 Aug 2009 20:41:38 -0500 From: Len Conrad <LConrad@Go2France.com> To: freebsd-pf@freebsd.org Subject: Re: something like bruteblock for pf? Message-ID: <200908230340125.SM01728@W500.Go2France.com> In-Reply-To: <a2b6592c0908221807q24e7f54aka75b561debca63eb@mail.gmail.co m> References: <200908230132343.SM01728@W500.Go2France.com> <a2b6592c0908221807q24e7f54aka75b561debca63eb@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> I've used bruteblock, which manages ipfw, for blocking SMTP attackers and reducing smtp connects by 10s of 1000s per day. > >[snip] > >> Anybody know of anything similar for pf? > > >http://www.bgnett.no/~peter/pf/en/spamd.setup.html thanks, but I've never liked tarpitting, no matter how inexpensive it is, and I already have greylisting. I'm looking for something like bruteblock that logwatches (smtp, ssh, ftp, whatever) and inserts/removes TCP block rules into pf for x hours, so the protocol daemons are involved. Len
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200908230340125.SM01728>