From owner-freebsd-security@FreeBSD.ORG  Mon Dec 19 21:03:31 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 07D1116A41F
	for <freebsd-security@freebsd.org>;
	Mon, 19 Dec 2005 21:03:31 +0000 (GMT)
	(envelope-from arne_woerner@yahoo.com)
Received: from web30311.mail.mud.yahoo.com (web30311.mail.mud.yahoo.com
	[68.142.201.229])
	by mx1.FreeBSD.org (Postfix) with SMTP id 3C3F343D5C
	for <freebsd-security@freebsd.org>;
	Mon, 19 Dec 2005 21:03:30 +0000 (GMT)
	(envelope-from arne_woerner@yahoo.com)
Received: (qmail 90109 invoked by uid 60001); 19 Dec 2005 21:03:29 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
	b=NOLT4zIheCIHsAiDEe99StS7tk4Ym6JR52t/fVH/FVlAURe+2g5UvaRjlQ+sxAC0rxE1PoV1x/45lMT6kHKwxqn4RAg6y7IvWkoyCK7sUOs9kNpzzfBT+Oi7ILyuDFGpd8jjxGo+oKjh3pFc2cE+m7IvHSr+ys5ft9iC2cYzegM=
	; 
Message-ID: <20051219210329.90107.qmail@web30311.mail.mud.yahoo.com>
Received: from [213.54.92.190] by web30311.mail.mud.yahoo.com via HTTP;
	Mon, 19 Dec 2005 13:03:29 PST
Date: Mon, 19 Dec 2005 13:03:29 -0800 (PST)
From: Arne Woerner <arne_woerner@yahoo.com>
To: freebsd-security@freebsd.org
In-Reply-To: <E1EoRWz-000Aqs-WA@host84.nimahost.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Subject: Re: Brute Force Detection + Advanced Firewall Policy
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2005 21:03:31 -0000

--- Hadi Maleki <freebsdlist@nimahost.net> wrote:
> Any BFD/AFP softwares available for FreeBSD 4.10?
> 
> Im getting flooded with ssh and ftp attempts.
>
What about a "white list"? I mean, three rules that blocks all
incoming traffic to those ports (21, 22, the others), and then a
rule for each "good IP" that allows the connection...

Some time ago I have read in this list something about attempts to
guess a SSH username and password... Maybe u can find that thread
in the archive via the Websearch interface?

Maybe it helps to disallow password athentication, because DSA
public key authentication is much more fun for users and admins...
:-))

-Arne


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com