From owner-freebsd-hackers@FreeBSD.ORG Tue Sep 30 05:44:05 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A6668106568F for ; Tue, 30 Sep 2008 05:44:05 +0000 (UTC) (envelope-from lars.engels@0x20.net) Received: from mail.0x20.net (mail.ipv6.0x20.net [IPv6:2001:aa8:fffb::3]) by mx1.freebsd.org (Postfix) with ESMTP id 356928FC1E for ; Tue, 30 Sep 2008 05:44:05 +0000 (UTC) (envelope-from lars.engels@0x20.net) Received: from mail.0x20.net (mail.0x20.net [217.69.67.217]) by mail.0x20.net (Postfix) with ESMTP id 2A99A356E0; Tue, 30 Sep 2008 07:44:03 +0200 (CEST) Received: from 193.109.238.110 ([193.109.238.110]) by 0x20.net (Horde MIME library) with HTTP; Tue, 30 Sep 2008 07:44:03 +0200 Message-ID: <20080930074403.z41gl0wk1bko8c48@0x20.net> X-Priority: 3 (Normal) Date: Tue, 30 Sep 2008 07:44:03 +0200 From: Lars Engels To: Rich Healey References: <48E16E93.3090601@gmail.com> In-Reply-To: <48E16E93.3090601@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_iet6cne77og"; protocol="application/pgp-signature"; micalg="pgp-sha1" Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.1.3) X-Mailman-Approved-At: Tue, 30 Sep 2008 11:35:50 +0000 Cc: freebsd-hackers@freebsd.org Subject: Re: SSH Brute Force attempts X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Sep 2008 05:44:05 -0000 This message is in MIME format and has been PGP signed. --=_iet6cne77og Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit Quoting Rich Healey : > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Recently I'm getting a lot of brute force attempts on my server, in the > past I've used various tips and tricks with linux boxes but many of them > were fairly linux specific. > > What do you BSD guys use for this purpose? > > If this belongs on -security let me know and I'll ask over there. Just do not use password authentication but public key authentication and a reasonable passphrase on it. --=_iet6cne77og Content-Type: application/pgp-signature Content-Description: Digitale PGP-Unterschrift Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEABECAAYFAkjhvKIACgkQKc512sD3afiMKACcCznY+qSqny+U8puquIQ/vy/6 GAgAoJF7WS2TP3OziwZup28fMzDNSs65 =uAQR -----END PGP SIGNATURE----- --=_iet6cne77og--