From owner-freebsd-questions@FreeBSD.ORG Tue Feb 13 14:00:07 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 539D616A401 for ; Tue, 13 Feb 2007 14:00:07 +0000 (UTC) (envelope-from greenwood.andy@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171]) by mx1.freebsd.org (Postfix) with ESMTP id 2244613C4A5 for ; Tue, 13 Feb 2007 14:00:05 +0000 (UTC) (envelope-from greenwood.andy@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so177552ugh for ; Tue, 13 Feb 2007 06:00:05 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=DT/7s3lUrzhT8Ea6hgxmHymVBLbBuZLXpdMAvrHj4p7WB1PG03TXKMnZbx7zR+/TE2UZ5fmUY7gduU4dbWuf17PzzkXUS6C2JspdQuvrUkBvKEF/rMaL2DWqkTE7481IZRtzgSELsK+VpwZ2ApDA2aAtJqqmaqUpVd39oouu0Dk= Received: by 10.78.200.3 with SMTP id x3mr58477huf.1171375204549; Tue, 13 Feb 2007 06:00:04 -0800 (PST) Received: by 10.78.135.20 with HTTP; Tue, 13 Feb 2007 06:00:04 -0800 (PST) Message-ID: <3ee9ca710702130600j61d84c87vb6930398ab9984d6@mail.gmail.com> Date: Tue, 13 Feb 2007 09:00:04 -0500 From: "Andy Greenwood" To: freebsd-questions@freebsd.org In-Reply-To: <3814.192.168.16.2.1171354601.squirrel@lists.lc-words.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <45CEC7A4.7030802@ephgroup.com> <87tzxqpko3.fsf@thingy.datadok.no> <3814.192.168.16.2.1171354601.squirrel@lists.lc-words.com> Subject: Re: Onpening and Closing ports X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Feb 2007 14:00:07 -0000 On 2/13/07, Zbigniew Szalbot wrote: > Hello, > > Peter N. M. Hansteen wrote: > > You can head them off rather easily with a short PF rule set, see > > eg http://home.nuug.no/~peter/pf/en/bruteforce.html. > > > > They can actually be fun to watch :) > > It was funny for me because I set the max con rule to 10 and then logged > in 10 times to see if that would work. Of course that did (silly me!) and > as a result I blocked myself the access to the machine. I logged in from > another IP and commented out the pf.conf file entries for the bruteforce > but wonder how to empty the table (so that it does not contain my ip) and > enable the bruteforce defence again. man pfctl. Specifically the -T switch. > > Thank you very much! > > -- > Zbigniew Szalbot > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- -- I'm nerdy in the extreme and whiter than sour cream