Re: ssh brute force

From: Andrew McNaughton (andrew_at_scoop.co.nz)
Date: 07/21/05

    Date: Thu, 21 Jul 2005 12:51:47 +1200 (NZST)
    To: Chris Buechler <cbuechler@gmail.com>
    
    

    On Wed, 20 Jul 2005, Chris Buechler wrote:

    > On 7/20/05, Chris Jones <cdjones@novusordo.net> wrote:
    >>
    >> I'm looking at having a script look at SSH's log output for repeated
    >> failed connection attempts from the same address, and then blocking that
    >> address through pf (I'm not yet sure whether I want to do it temporarily
    >> or permanently).

    Make it temporary. Maybe three hours after 3 successive failures. Just
    slowing down connections is enough to make brute force impractical.

    Andrew

    -------------------------------------------------------------------
    Andrew McNaughton http://www.scoop.co.nz/
    andrew@scoop.co.nz Mobile: +61 422 753 792

    --
    Of all forms of caution, caution in love is the most fatal
    --
    pgp encrypted mail welcome
    keyid: 70F6C32D      keyserver: pgp.mit.edu
    5688 2396 AA81 036A EBAC 2DD4 1BEA 7975 A84F 6686
    _______________________________________________
    freebsd-isp@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
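
    The policy suggested in this message (a three-hour block after 3 successive failures), sketched as an added example that is not code from the thread or from any poster. It assumes OpenSSH-style "Failed/Accepted ... from ADDR port N" syslog lines, a pf table named ssh_bruteforce that a block rule already references, and uses constructed sample log lines.

```python
import ipaddress
import re
from datetime import datetime, timedelta

THRESHOLD = 3                   # successive failures before a block (from the message)
BLOCK_FOR = timedelta(hours=3)  # block length (from the message)
TABLE = "ssh_bruteforce"        # assumed pf table name

# User name is remote-supplied: match it greedily, anchor the address at end of line.
LINE = re.compile(r"^(\w{3} [ \d]\d \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (Failed|Accepted) \S+"
                  r" for (?:invalid user )?.* from (\S+) port \d+(?: ssh\d)?$")

SAMPLE = [  # constructed log lines, documentation address ranges
    "Jul 21 00:00:01 gw sshd[401]: Failed password for root from 203.0.113.9 port 40001 ssh2",
    "Jul 21 00:00:03 gw sshd[402]: Failed password for invalid user admin from 203.0.113.9 port 40002 ssh2",
    "Jul 21 00:00:04 gw sshd[403]: Failed password for alice from 198.51.100.7 port 50111 ssh2",
    "Jul 21 00:00:05 gw sshd[404]: Failed password for invalid user x from 192.0.2.1 port 1 from 203.0.113.9 port 40003 ssh2",
    "Jul 21 00:00:09 gw sshd[405]: Accepted password for alice from 198.51.100.7 port 50112 ssh2",
    "Jul 21 03:10:00 gw sshd[406]: Failed password for alice from 198.51.100.7 port 50113 ssh2",
]

def pfctl(op, addr):
    return ["pfctl", "-t", TABLE, "-T", op, addr]  # argv list, never a shell string

def parse(line, year=2005):
    """Return (time, address, failed) for an sshd auth result line, else None."""
    m = LINE.match(line)
    try:
        addr = str(ipaddress.ip_address(m.group(3))) if m else None
    except ValueError:
        addr = None
    if addr is None:
        return None
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return ts, addr, m.group(2) == "Failed"

def plan_blocks(lines):
    """Replay log lines; return [(time, pfctl argv)] for blocks and their expiry."""
    streak, blocked, actions = {}, {}, []
    for ts, addr, failed in filter(None, map(parse, lines)):
        for old in [a for a, until in blocked.items() if until <= ts]:
            actions.append((blocked.pop(old), pfctl("delete", old)))
        if addr in blocked:
            continue
        streak[addr] = streak.get(addr, 0) + 1 if failed else 0  # success resets
        if streak[addr] >= THRESHOLD:
            blocked[addr] = ts + BLOCK_FOR
            actions.append((ts, pfctl("add", addr)))
            streak[addr] = 0
    return actions
```

    In this replay an expiry is only noticed when a later log line arrives; a long-running script would run the delete from a timer instead.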
    
