Date: Tue, 26 Jul 2005 17:52:14 +1200 (NZST) From: Andrew McNaughton <andrew@scoop.co.nz> To: Andreas Pettersson <andpet@telia.com> Cc: freebsd-isp@freebsd.org Subject: Re: ssh brute force Message-ID: <20050726174743.S5699@a2.scoop.co.nz> In-Reply-To: <42E51310.60102@telia.com> References: <f72a639a050719121244719e22@mail.gmail.com> <42DEAE1F.8000702@novusordo.net> <d64aa176050720174322ebc621@mail.gmail.com> <77588585.20050725010451@rulez.sk> <42E51310.60102@telia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 25 Jul 2005, Andreas Pettersson wrote: > Daniel Gerzo wrote: > > And here is another one, similar to Daniel's, but this one uses ipfw instead, > AND another neat thing is that a block isn't permanent. There's a janitor > cleaning up ipfw rules after a specified time. > > http://anp.ath.cx/sshit/ > > I made it the other day, so I haven't had time to hardcore test it. > Let me know if it's not working, or if it is ;-) > Rather than having a whole bunch of processes running doing this sort of thing, at least some of which are important enough to need monitoring themselves (eg in my case pop based smtp authentication), it would be nice to have a single process monitoring log activity, with some sort of plugin system for adding various functionality for monitoring different things and taking various actions. Anyone know of such a beast? Perl preferred. Andrew McNaughton
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050726174743.S5699>