Date: Fri, 01 Jan 2010 09:28:32 -0600
From: "J.D. Bronson" <jd.bronson@hanadarko.com>
Cc: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
Subject: Re: Blocking a slow-burning SSH bruteforce
Message-ID: <4B3E14A0.5040609@hanadarko.com>
In-Reply-To: <4B3E1295.9050902@pdconsec.net>
References: <4B3E0D11.1080101@pdconsec.net> <4B3E0FBD.2010605@sbcglobal.net> <4B3E1295.9050902@pdconsec.net>

On 1/1/10 9:19 AM, David Rawling wrote:
> Darn.
>
> 1 is out because 22 is the one port that most organisations (including
> mine) allow out of their networks for administering routers.
>
> 2 is unfortunately not an option (as a consultant I do work from many
> networks)
>
> 4 - again I might have to log in any time ...
>
> 3 seems the best approach.
>
> Thanks for your thoughts, it's good to get second opinions.
>
> Dave.

I understand using/needing port 22 opened...but what about another widely used port..like for Citrix (sp?) or something? - most firewalls have those ports open.

As far as controlling login time and access, I meant something like this:

# Authentication:
LoginGraceTime 1m
MaxAuthTries 2

# Allow staff access and users no access
AllowGroups staff

-- 
J.D. Bronson
Information Technology
Aurora Health Care - Milwaukee WI
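A small audit of the sshd_config settings quoted in the message above, added here as an example and not part of the original e-mail. It reads the global section of a config, applies OpenSSH's rule that the first value seen for a keyword wins, and reports when LoginGraceTime, MaxAuthTries or AllowGroups are laxer than the values suggested; the function names, thresholds and sample configs are assumptions constructed for illustration.

```python
import re

DEFAULTS = {"logingracetime": "120", "maxauthtries": "6"}  # per sshd_config(5)
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def to_seconds(value):
    """Convert an sshd time value such as '1m', '90' or '1h30m' to seconds."""
    parts = re.findall(r"(\d+)([smhdw]?)", value.lower())
    if not parts or "".join(n + u for n, u in parts) != value.lower():
        raise ValueError("bad time value: %r" % value)
    return sum(int(n) * UNITS[u] for n, u in parts)


def effective_settings(text):
    """Global-section values; sshd keeps the FIRST value seen per keyword."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = re.split(r"[\s=]+", line, maxsplit=1)
        key = fields[0].lower()  # keywords are case-insensitive
        if key == "match":
            break  # Match blocks are conditional overrides; not evaluated here
        if len(fields) == 2:
            seen.setdefault(key, fields[1].strip())
    return {**DEFAULTS, **seen}


def audit(text, max_grace=60, max_tries=2):
    """Findings against the message's values; a grace time of 0 means no limit."""
    cfg = effective_settings(text)
    findings = []
    if not 0 < to_seconds(cfg["logingracetime"]) <= max_grace:
        findings.append("LoginGraceTime is %s" % cfg["logingracetime"])
    if int(cfg["maxauthtries"]) > max_tries:
        findings.append("MaxAuthTries is %s" % cfg["maxauthtries"])
    if "allowgroups" not in cfg:
        findings.append("AllowGroups is not set")
    return findings


# Constructed samples: SHADOWED sets lax values first, so its later strict lines lose.
SHADOWED = "LoginGraceTime 2m\nMaxAuthTries 6\nloginGraceTime 1m\nMaxAuthTries 2\nAllowGroups staff\n"
HARDENED = "# Authentication:\nLoginGraceTime 1m\nMaxAuthTries 2\n\nAllowGroups staff\n"

if __name__ == "__main__":
    for name, text in (("shadowed", SHADOWED), ("hardened", HARDENED)):
        print(name, audit(text) or "ok")
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check, since it also evaluates Match blocks and included files that this sketch skips.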