SSH Brute Force attempts
Ollivier Robert
roberto at keltia.freenix.fr
Tue Sep 30 08:16:40 UTC 2008
According to Henrik Hudson:
> Yeap, -security
>
> However, also try this in pf.conf (specific rules related to this; you'll need
> more for a real pf.conf):
>
> table <badguys> { } persist
> block in quick from <badguys>
> pass in on $ext_if proto tcp from any to ($ext_if) port ssh keep state
> (max-src-conn 5, max-src-conn-rate 4/300, overload <badguys> flush global)
That one is very effective.
--
Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto at keltia.freenix.fr
Darwin sidhe.keltia.net Version 9.4.0: Mon Jun 9 19:30:53 PDT 2008; i386
More information about the freebsd-hackers
mailing list