From owner-freebsd-stable@FreeBSD.ORG Wed Apr 12 03:42:09 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7111416A407 for ; Wed, 12 Apr 2006 03:42:09 +0000 (UTC) (envelope-from adam@thegeeklord.com) Received: from spunkymail-a13.dreamhost.com (mailbigip.dreamhost.com [208.97.132.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FC8643D45 for ; Wed, 12 Apr 2006 03:42:09 +0000 (GMT) (envelope-from adam@thegeeklord.com) Received: from [192.168.0.10] (c-24-34-72-209.hsd1.ma.comcast.net [24.34.72.209]) by spunkymail-a13.dreamhost.com (Postfix) with ESMTP id 96F2D129ADB for ; Tue, 11 Apr 2006 20:42:03 -0700 (PDT) Message-ID: <443C76F1.60608@thegeeklord.com> Date: Tue, 11 Apr 2006 23:41:37 -0400 From: Adam Stroud User-Agent: Thunderbird 1.5 (X11/20060406) MIME-Version: 1.0 To: freebsd-stable@freebsd.org References: <443B6FC8.8080503@egonflower.com> <20060411170437.GD66947@dimma.mow.oilspace.com> <1426257861.20060411192904@rulez.sk> <5ad23a300604111049i49d93cf7g1238512e7d372210@mail.gmail.com> <443BFB00.3090101@freebsdbrasil.com.br> <443C75BD.6030801@thegeeklord.com> In-Reply-To: <443C75BD.6030801@thegeeklord.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: bruteforce X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Apr 2006 03:42:09 -0000 I forgot to mention that pf is also available on FreeBSD too. Adam Stroud wrote: > I have been using pf (on an OpenBSD box) to automatically block > offending IP address using pf and it seems to work well for me. > Basically when an attackers tries to connect x number of times in y > minutes, I have the firewall set up to block the automatically. > > Works like a charm. > A > > Patrick Tracanelli wrote: >> Jordan Sissel wrote: >>> On 4/11/06, Daniel Gerzo wrote: >>> >>>> Hello Dmitriy, >>>> >>>> Tuesday, April 11, 2006, 7:04:37 PM, you typed the following: >>>> >>>> >>>>> On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: >>>>> >>>>>> Hy, I'm triing to find a solution to bruteforce attack, mostly on >>>>>> port >>>> >>>> 22, without >>>> >>>>>> moving services on different ports. >>>> >>>>> try to use >>>>> /usr/ports/security/sshit >>>> >>>> maybe security/bruteforceblocker >>> >>> >>> >>> If you're looking for something with a more generalized approach, >>> check out >>> sysutils/grok. It comes with examples that block brute force >>> efforts, and >>> can do much more. >> >> Doesnt open sshd itself has a feature which blocks or imposes a delay >> upon a number of failed logins from the same address? >> > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"