Date: Tue, 25 Jan 2005 10:24:42 +0100 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Re: Banning ips for some time? Message-ID: <134496582.20050125102442@wanadoo.fr> In-Reply-To: <41F60ECC.8050206@myunix.net> References: <41F60ECC.8050206@myunix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Christian Tischler writes: CT> Hi, CT> as I have an DSL line witch is 24/7 online (coming from an big and CT> popular provider) my servers sshd reports 30 to 50 failed CT> root/operator/etc. logins a day. I would like to block the incoming ip CT> for a few days automaticly after e.g failed login requests. CT> Currently I am using ipf, but it would be no problem to use any other CT> FreeBSD firewall. CT> This is not only for security reasons, but also to shorten the daily CT> security run output :-) Do you have a need to access your server from the outside Net? If not, you can just block the SSH port entirely at the firewall (which is what I do). Almost doesn't count in securityland, so as long as the logins are failing, they're not a security risk, just a nuisance. -- Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?134496582.20050125102442>