From owner-freebsd-stable@FreeBSD.ORG  Tue Apr 11 18:52:55 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B60CA16A402
	for <freebsd-stable@freebsd.org>; Tue, 11 Apr 2006 18:52:55 +0000 (UTC)
	(envelope-from eksffa@freebsdbrasil.com.br)
Received: from capeta.freebsdbrasil.com.br (vrrp.freebsdbrasil.com.br
	[200.210.70.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 7A62543D4C
	for <freebsd-stable@freebsd.org>; Tue, 11 Apr 2006 18:52:51 +0000 (GMT)
	(envelope-from eksffa@freebsdbrasil.com.br)
Received: (qmail 65119 invoked by uid 0); 11 Apr 2006 15:52:55 -0300
Received: from eksffa@freebsdbrasil.com.br by capeta.freebsdbrasil.com.br by
	uid 82 with qmail-scanner-1.22 
	(spamassassin: 2.64.  Clear:RC:1(200.210.42.5):. 
	Processed in 0.60608 secs); 11 Apr 2006 18:52:55 -0000
Received: from unknown (HELO ?10.69.69.69?) (200.210.42.5)
	by capeta.freebsdbrasil.com.br with SMTP; 11 Apr 2006 15:52:54 -0300
Message-ID: <443BFB00.3090101@freebsdbrasil.com.br>
Date: Tue, 11 Apr 2006 15:52:48 -0300
From: Patrick Tracanelli <eksffa@freebsdbrasil.com.br>
Organization: FreeBSD Brasil LTDA
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.12) Gecko/20051013
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Jordan Sissel <psionic@gmail.com>
References: <443B6FC8.8080503@egonflower.com>	<20060411170437.GD66947@dimma.mow.oilspace.com>	<1426257861.20060411192904@rulez.sk>
	<5ad23a300604111049i49d93cf7g1238512e7d372210@mail.gmail.com>
In-Reply-To: <5ad23a300604111049i49d93cf7g1238512e7d372210@mail.gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org, Daniel Gerzo <danger@rulez.sk>,
	Dmitriy Kirhlarov <dimma@higis.ru>
Subject: Re: bruteforce
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2006 18:52:55 -0000

Jordan Sissel wrote:
> On 4/11/06, Daniel Gerzo <danger@rulez.sk> wrote:
> 
>>Hello Dmitriy,
>>
>>Tuesday, April 11, 2006, 7:04:37 PM, you typed the following:
>>
>>
>>>On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote:
>>>
>>>>Hy, I'm triing to find a solution to bruteforce attack, mostly on port
>>
>>22, without
>>
>>>>moving services on different ports.
>>
>>>try to use
>>>/usr/ports/security/sshit
>>
>>maybe security/bruteforceblocker
> 
> 
> 
> If you're looking for something with a more generalized approach, check out
> sysutils/grok. It comes with examples that block brute force efforts, and
> can do much more.

Doesnt open sshd itself has a feature which blocks or imposes a delay 
upon a number of failed logins from the same address?

-- 
Patrick Tracanelli