From owner-freebsd-security@FreeBSD.ORG  Mon May 10 09:02:06 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ED1CF16A4CE
	for <freebsd-security@freebsd.org>;
	Mon, 10 May 2004 09:02:06 -0700 (PDT)
Received: from relay2.mecon.ar (relay2.mecon.gov.ar [168.101.16.11])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4903743D1F
	for <freebsd-security@freebsd.org>;
	Mon, 10 May 2004 09:02:03 -0700 (PDT)
	(envelope-from fernando@mecon.gov.ar)
Received: from racing.mecon.ar (racing.mecon.gov.ar [168.101.133.15])
	by relay2.mecon.ar (8.12.8p2/8.12.8) with ESMTP id i4AG20G2022056;
	Mon, 10 May 2004 13:02:00 -0300 (ART)
	(envelope-from fernando@mecon.gov.ar)
Received: from racing.mecon.ar (meyosp.mecon.gov.ar [10.11.0.149])
	by racing.mecon.ar (8.12.8p2/8.12.8) with ESMTP id i4AG20Ee001668;
	Mon, 10 May 2004 13:02:00 -0300 (ART)
	(envelope-from fernando@mecon.gov.ar)
Received: from bal740r0.mecon.gov.ar (bal740r0.mecon.ar [10.11.1.11])
	by racing.mecon.ar (8.12.8p2/8.12.8) with ESMTP id i4AG1xW2001665;
	Mon, 10 May 2004 13:01:59 -0300 (ART)
	(envelope-from fernando@mecon.gov.ar)
Received: from bal740r0.mecon.gov.ar (localhost [127.0.0.1])
	i4AG20T1001337;	Mon, 10 May 2004 13:02:00 -0300 (ART)
	(envelope-from fernando@mecon.gov.ar)
Received: (from fpscha@localhost)
	by bal740r0.mecon.gov.ar (8.12.8p2/8.12.6/Submit) id i4AG1x7a001336;
	Mon, 10 May 2004 13:01:59 -0300 (ART)
	(envelope-from fernando@mecon.gov.ar)
X-Authentication-Warning: bal740r0.mecon.gov.ar: fpscha set sender to
	fernando@mecon.gov.ar using -f
Date: Mon, 10 May 2004 13:01:59 -0300
From: Fernando Schapachnik <fernando@mecon.gov.ar>
To: Mike Tancsa <mike@sentex.net>
Message-ID: <20040510160159.GY306@bal740r0.mecon.gov.ar>
References: <6.0.3.0.0.20040510115614.04be3708@64.7.153.2>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <6.0.3.0.0.20040510115614.04be3708@64.7.153.2>
User-Agent: Mutt/1.4.2.1i
X-OS: FreeBSD 4.7 - http://www.freebsd.org
cc: freebsd-security@freebsd.org
Subject: Re: rate limiting sshd connections ?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 May 2004 16:02:07 -0000

Have you checked MaxStartups at the sshd_config man page?

En un mensaje anterior, Mike Tancsa escribió:
> 
> Does anyone know of a way to rate limit ssh connections from an IP address 
> ?  We are starting to see more and more brute force attempts to guess 
> simple passwords "/usr/sbin/inetd -wWl -C 10" is nice for slowing down 
> attempts to services launched via inetd.  Is there an equiv method for 
> doing this to sshd?  Running from inetd has some issues supposedly.