Date: Thu, 21 Jul 2005 13:49:59 +0300 From: Todor Dragnev <todor.dragnev@gmail.com> To: Chris Buechler <cbuechler@gmail.com> Cc: freebsd-isp@freebsd.org, Chris Jones <cdjones@novusordo.net> Subject: Re: ssh brute force Message-ID: <200507211349.59772.todor.dragnev@gmail.com> In-Reply-To: <d64aa176050720174322ebc621@mail.gmail.com> References: <f72a639a050719121244719e22@mail.gmail.com> <42DEAE1F.8000702@novusordo.net> <d64aa176050720174322ebc621@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you. On Thursday 21 July 2005 03:43, Chris Buechler wrote: > On 7/20/05, Chris Jones <cdjones@novusordo.net> wrote: > > I'm looking at having a script look at SSH's log output for repeated > > failed connection attempts from the same address, and then blocking that > > address through pf (I'm not yet sure whether I want to do it temporarily > > or permanently). > > Matt Dillon wrote an app in C to do just that, with ipfw. > http://leaf.dragonflybsd.org/mailarchive/users/2005-03/msg00008.html > > Scott Ullrich modified it to work with pf. > http://pfsense.org/cgi-bin/cvsweb.cgi/tools/sshlockout_pf.c > > -Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507211349.59772.todor.dragnev>