ssh brute force

• Previous message: Simon: "Re: I'm stupid"
• Next in thread: Buki: "Re: ssh brute force"
• Reply: Buki: "Re: ssh brute force"
• Reply: Chris Jones: "Re: ssh brute force"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 19 Jul 2005 22:12:52 +0300
To: freebsd-isp@freebsd.org

Hello,
This email may be is not for this mailing list, but with this problem
more and more ISP have troubles. I want to block ssh dictionary attack
with freebsd. I found nice solution with iptables for linux:

iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags FIN,ACK
FIN,ACK --dport 22 -m recent --name sshattack --set

iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags RST RST
--dport 22 -m recent --name sshattack --set

iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 4 -m limit --limit 4/minute -j LOG --log-prefix 'SSH attack: '

iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 4 -j DROP

Is it posible to make in this way with ipfw, ipf or pf on freebsd ?

Regards,
Todor Dragnev

-- 
There are no answers, only cross references
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

• Previous message: Simon: "Re: I'm stupid"
• Next in thread: Buki: "Re: ssh brute force"
• Reply: Buki: "Re: ssh brute force"
• Reply: Chris Jones: "Re: ssh brute force"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: FreeBSD challenged by Internet ... Subject: FreeBSD challenged by Internet ... The 2 systems, Windows or FreeBSD, cost the same. ... rated speed on DSL I don't think the DSL line is the limiting ... as an ISP employee could never countenance that:) The language ... (freebsd-questions) RE: newby isp questions ... I doubt you can run an effective hosting business on an ADSL line, ... one box in our network is FreeBSD. ... Subject: newby isp questions ... (freebsd-isp) Re: FreeBSD challenged by Internet ... FreeBSD box I'm using at the moment cost $10 at a flea market, ... rated speed on DSL I don't think the DSL line is the limiting ... Are you talking from world to you, or are you talking from ISP ... as of when I looked into it -- Verizon was charging something ... (freebsd-questions) Re: FreeBSD challenged by Internet ... As I am ad administrator of an ISP that is a DSL ... a profit doing this unless they configure their support ... Subject: FreeBSD challenged by Internet ... (freebsd-questions) Re: Qwest DLS & MSN Premium & Linksys Router & FreeBSD.. Oh my ... >> switch, FreeBSD and misc. ... >> So am I right in still thinking that with MSN as ... >> ISP my setup it isn't going to be FreeBSD friendly ... >> that my spiffy little Comcast setup isn't going to ... (freebsd-questions)