Date: Tue, 19 Jul 2005 22:12:52 +0300 From: Todor Dragnev <todor.dragnev@gmail.com> To: freebsd-isp@freebsd.org Subject: ssh brute force Message-ID: <f72a639a050719121244719e22@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello,=20 This email may be is not for this mailing list, but with this problem more and more ISP have troubles. I want to block ssh dictionary attack with freebsd. I found nice solution with iptables for linux: iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags FIN,ACK FIN,ACK --dport 22 -m recent --name sshattack --set iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags RST RST --dport 22 -m recent --name sshattack --set iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -m limit --limit 4/minute -j LOG --log-prefix 'SSH attack: ' iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -j DROP Is it posible to make in this way with ipfw, ipf or pf on freebsd ? Regards, Todor Dragnev --=20 There are no answers, only cross references
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f72a639a050719121244719e22>