SSH Brute Force attempts
rb at gid.co.uk
Tue Sep 30 07:50:36 UTC 2008
On 30 Sep 2008, at 01:10, Rich Healey wrote:
> Recently I'm getting a lot of brute force attempts on my server, in
> past I've used various tips and tricks with linux boxes but many of
> were fairly linux specific.
> What do you BSD guys use for this purpose?
[various solutions proposed]
I too would worry about having something automatically updating filter
rulesets. An alternative is to blackhole route the offending source, eg:
route -nq add -host a.b.c.d 127.0.0.1 -blackhole
WHatever solution you adopt, the ability to whitelist is a very good
idea (especially if you are as inaccurate a typist as I am). And I'd
second what others have said about avoiding passwords altogether if
it's possible in your situation.
Bob Bishop +44 (0)118 940 1243
rb at gid.co.uk fax +44 (0)118 940 1295
mobile +44 (0)783 626 4518
More information about the freebsd-hackers