Protecting SSH from brute force attacks

Luke luked at
Thu Oct 7 15:15:31 PDT 2004

There are several script kiddies out there hitting my SSH server every
day.  Sometimes they attempt to brute-force their way in trying new
logins every second or so for hours at a time.  Given enough time, I fear
they will eventually get in.
Is there anything I can do to hinder them?

I'd like to ban the IP after 50 failed attempts or something.  I'd heard
that each failed attempt from a source was supposed to make the daemon
respond slower each time, thus limiting the usefulness of brute force
attacks, but I'm not seeing that behavior.

More information about the freebsd-questions mailing list