Date: Sat, 18 Mar 2006 16:00:43 -0800 From: Chris Maness <chris@chrismaness.com> To: Kris Anderson <ciscoaix@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: How to Stop Bruit Force ssh Attempts? Message-ID: <441C9F2B.6010708@chrismaness.com> In-Reply-To: <20060318223748.20675.qmail@web52703.mail.yahoo.com> References: <20060318223748.20675.qmail@web52703.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Anderson wrote: > --- Chris Maness <chris@chrismaness.com> wrote: > > >> In my auth log I see alot of bruit force attempts to >> login via ssh. Is >> there a way I can have the box automatically kill >> any tcp/ip >> connectivity to hosts that try and fail a given >> number of times? Is >> there a port or something that I can install to give >> this kind of >> protection. I'm still kind of a FreeBSD newbie. >> >> Thanks, >> Chris Maness >> > > Hey there, > A couple of things you could try. I believe there is a > port that watches log files, utilizing that you could > create a script to add the IP to your firewall rules > then after a time remove it. > > The other way is to use snort_inline and see how that > works. > > Hope that helps. > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > I'm using denyhost per someone on the lists recomendation. It works very well.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441C9F2B.6010708>