Date: Mon, 14 Mar 2005 08:04:30 -0500 From: Kyle Jensen <kljgroups@gmail.com> To: freebsd-questions@freebsd.org Subject: Cutting down on ssh breakin attempts Message-ID: <fa357bee0503140504104f3aa4@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I run a webmail server for a small company, which is (of course) running FreeBSD 5-stable. I get about 50-100 failed loging attempts via ssh on a daily basis. Occasionally, these show up in my daily security digest with messages like: reverse mapping checking getaddrinfo for h169-210-68-8.a dcast.com.tw failed - POSSIBLE BREAKIN ATTEMPT! But mostly it's stuff like Illegal user postgres from 210.68.8.169 What's the best way to cut down on these attempts? I thought about adding a blacklist to my pf.conf rules for the pf firewall. Any thoughts would be greatly appreciated! Kyle
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fa357bee0503140504104f3aa4>