promt solution with max-src-conn-rate
Max Laier
max at love2party.net
Mon May 15 23:25:49 UTC 2006
On Tue, May 16, 2006 1:17 am, Kian Mohageri wrote:
>>
>> There is a nice and easy way to blocking ssh brute-force attempts with
>> pf
>> only:
>>
>> http://legonet.org/~griffin/openbsd/block_ssh_bruteforce.html
>
>
>
> Exactly. This is a much cleaner solution than portknocking to stop brute
> force attacks. I recently implemented this on a few of my servers.
You have to be aware that this otoh might open you to DoS attacks. People
spoofing connections from your address will lock you out from your own
server.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-pf
mailing list