Date: Mon, 19 Dec 2005 22:28:13 +0100 From: Marian Hettwer <MH@kernel32.de> To: Hadi Maleki <freebsdlist@nimahost.net> Cc: freebsd-security@freebsd.org Subject: Re: Brute Force Detection + Advanced Firewall Policy Message-ID: <43A725ED.5090502@kernel32.de> In-Reply-To: <E1EoRW4-000AqG-O2@host84.nimahost.net> References: <E1EoRW4-000AqG-O2@host84.nimahost.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi there, Hadi Maleki wrote: > Any BFD/AFP softwares available for FreeBSD 4.10? > If you would update to a recent FreeBSD Release, you could probably use some nice pf(4) things... > Im getting flooded with ssh and ftp attempts. > I recently stumbled over quite a nice pf.conf (see man pfctl for details), which blacklists for instance ssh connections if the occur to often in a certain amount of time. For Example: # sshspammer table table <sshspammer> persist block log quick from <sshspammer> # sshspammer # more than 6 ssh attempts in 15 seconds will be blocked ;) pass in quick on $ext_if proto tcp to ($ext_if) port ssh $tcp_flags (max-src-conn 10, max-src-conn-rate 6/15, overload <sshspammer> flush global) HTH, Marian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43A725ED.5090502>