ssh brute force
Chris Buechler
cbuechler at gmail.com
Thu Jul 21 00:43:51 GMT 2005
On 7/20/05, Chris Jones <cdjones at novusordo.net> wrote:
>
> I'm looking at having a script look at SSH's log output for repeated
> failed connection attempts from the same address, and then blocking that
> address through pf (I'm not yet sure whether I want to do it temporarily
> or permanently).
Matt Dillon wrote an app in C to do just that, with ipfw.
http://leaf.dragonflybsd.org/mailarchive/users/2005-03/msg00008.html
Scott Ullrich modified it to work with pf.
http://pfsense.org/cgi-bin/cvsweb.cgi/tools/sshlockout_pf.c
-Chris
More information about the freebsd-isp
mailing list