From owner-freebsd-questions@FreeBSD.ORG Thu Sep 18 10:22:10 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A122106564A for ; Thu, 18 Sep 2008 10:22:10 +0000 (UTC) (envelope-from mail@ozzmosis.com) Received: from smtp.mel.people.net.au (smtp.mel.people.net.au [218.214.17.98]) by mx1.freebsd.org (Postfix) with SMTP id B1A368FC0A for ; Thu, 18 Sep 2008 10:22:09 +0000 (UTC) (envelope-from mail@ozzmosis.com) Received: (qmail 19996 invoked from network); 18 Sep 2008 10:21:55 -0000 Received: from unknown (HELO blizzard.dnsalias.org) (218.215.137.55) by smtp.mel.people.net.au with SMTP; 18 Sep 2008 10:21:55 -0000 Received: by blizzard.dnsalias.org (Postfix, from userid 1001) id 85DAB170A3; Thu, 18 Sep 2008 20:22:06 +1000 (EST) Date: Thu, 18 Sep 2008 20:22:06 +1000 From: andrew clarke To: freebsd-questions@freebsd.org Message-ID: <20080918102206.GA87327@ozzmosis.com> References: <14143EECEC1CC52A4BC39AC3@ganymede.hub.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Cc: Tom Marchand Subject: Re: Auto blacklist ssh connections ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Sep 2008 10:22:10 -0000 On Wed 2008-09-17 19:36:02 UTC-0400, Tom Marchand (m0rchand@comcast.net) wrote: >> Does anyone know of a utility that I can use with sshd to auto-block >> by IP if there are more then N failed attempts in a row? > Why don't you have sshd listen on a different port? I imagine that on some hosts where there are multiple users/customers, moving sshd to another port isn't a practical solution due to people's habits in trying to connect to the default port. A human problem rather than a technical one. PS. Top posting is cruel.