Date: Wed, 15 Dec 2004 19:17:19 -0500 (EST)
From: John Von Essen <john@essenz.com>
To: ctodd@chrismiller.com
Cc: hackers@freebsd.org
Subject: Re: brute3.tar.gz
Message-ID: <20041215191327.V79963@beck.quonix.net>
In-Reply-To: <Pine.BSI.4.58L.0412151602420.3132@vp4.netgate.net>
References: <20041215184645.B79679@beck.quonix.net> <Pine.BSI.4.58L.0412151602420.3132@vp4.netgate.net>
Hmm... Interesting.

What if I try to redirect the output of tcpdump to a file? I am doing this
on an F5 BigIP which sort of runs a "FreeBSD-ish" kernel. I've tried:

    tcpdump -i exp1 port ssh | grep -v '63.123' | grep -v 'lb01' >/var/ssh.capture

But it never writes to the file. The above will capture the next
unauthorized ssh and allow me to identify the source machine.

-john

On Wed, 15 Dec 2004 ctodd@chrismiller.com wrote:

>
> Think this might be it?
>
> http://netgroup-serv.iet.unipi.it/brute/
>
> Just searched Google on brute.tar.gz
>
> Chris
>