From owner-freebsd-stable@FreeBSD.ORG  Wed Apr 12 09:16:13 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B9CD516A400
	for <freebsd-stable@freebsd.org>; Wed, 12 Apr 2006 09:16:13 +0000 (UTC)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EFD9043D5C
	for <freebsd-stable@freebsd.org>; Wed, 12 Apr 2006 09:16:12 +0000 (GMT)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231])
	by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k3C9FxYA016265; 
	Wed, 12 Apr 2006 12:15:59 +0300 (EEST)
	(envelope-from dmitry@atlantis.dp.ua)
Date: Wed, 12 Apr 2006 12:15:59 +0300 (EEST)
From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To: Dmitriy Kirhlarov <dimma@higis.ru>
In-Reply-To: <20060411170437.GD66947@dimma.mow.oilspace.com>
Message-ID: <20060412121116.S84879@atlantis.atlantis.dp.ua>
References: <443B6FC8.8080503@egonflower.com>
	<20060411170437.GD66947@dimma.mow.oilspace.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-stable@freebsd.org
Subject: Re: bruteforce
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Apr 2006 09:16:13 -0000


Hello!

On Tue, 11 Apr 2006, Dmitriy Kirhlarov wrote:
> On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote:
>> Hy, I'm triing to find a solution to bruteforce attack, mostly on port 22, 
>>without
>> moving services on different ports.
>
> try to use
> /usr/ports/security/sshit
-----------------------^^^^

  Funny name ;)

  For me the following specifications in sshd2_config (that's for SSH.COM's
security/ssh2) work reasonably:

        LoginGraceTime                  60
        AuthInteractiveFailureTimeout   10

These timeouts really make password guessing robots unhappy w/o affecting
my happiness ;)

> By.
> Dmitriy

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE