Date: Tue, 16 May 2006 01:25:42 +0200 (CEST) From: "Max Laier" <max@love2party.net> To: "Kian Mohageri" <kian.mohageri@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: promt solution with max-src-conn-rate Message-ID: <55278.192.168.4.1.1147735542.squirrel@mail.abi01.homeunix.org> In-Reply-To: <fee88ee40605151617x75001284x54b9f33f89b7c339@mail.gmail.com> References: <44680266.2090007@azimut-tour.ru> <446873D3.7090703@azimut-tour.ru> <55e8a96c0605150907k49af4454t5d0431ea036e11bc@mail.gmail.com> <200605151823.17265.viktor.vasilev@stud.tu-darmstadt.de> <fee88ee40605151617x75001284x54b9f33f89b7c339@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 16, 2006 1:17 am, Kian Mohageri wrote: >> >> There is a nice and easy way to blocking ssh brute-force attempts with >> pf >> only: >> >> http://legonet.org/~griffin/openbsd/block_ssh_bruteforce.html > > > > Exactly. This is a much cleaner solution than portknocking to stop brute > force attacks. I recently implemented this on a few of my servers. You have to be aware that this otoh might open you to DoS attacks. People spoofing connections from your address will lock you out from your own server. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55278.192.168.4.1.1147735542.squirrel>