Re: How to Stop Bruit Force ssh Attempts?
- From: Kris Anderson <ciscoaix@xxxxxxxxx>
- Date: Sat, 18 Mar 2006 14:37:48 -0800 (PST)
--- Chris Maness <chris@xxxxxxxxxxxxxxx> wrote:
In my auth log I see alot of bruit force attempts to
login via ssh. Is
there a way I can have the box automatically kill
any tcp/ip
connectivity to hosts that try and fail a given
number of times? Is
there a port or something that I can install to give
this kind of
protection. I'm still kind of a FreeBSD newbie.
Thanks,
Chris Maness
Hey there,
A couple of things you could try. I believe there is a
port that watches log files, utilizing that you could
create a script to add the IP to your firewall rules
then after a time remove it.
The other way is to use snort_inline and see how that
works.
Hope that helps.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: How to Stop Bruit Force ssh Attempts?
- From: Chris Maness
- Re: How to Stop Bruit Force ssh Attempts?
- References:
- How to Stop Bruit Force ssh Attempts?
- From: Chris Maness
- How to Stop Bruit Force ssh Attempts?
- Prev by Date: user cannot login from anywhere
- Next by Date: Re: Building a virgin.
- Previous by thread: Re: How to Stop Bruit Force ssh Attempts?
- Next by thread: Re: How to Stop Bruit Force ssh Attempts?
- Index(es):
Relevant Pages
|
|
