High levels of breakin attempts
Ted Mittelstaedt
tedm at toybox.placo.com
Tue Jan 11 00:17:47 PST 2005
Yes Eric, just write a FAQ answer and post it per the following:
http://www.freebsd.org/docproj/submitting.html
Thanks for volunteering!
Ted
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Erik Norgaard
> Sent: Tuesday, January 11, 2005 12:12 AM
> To: Gene
> Cc: freebsd-questions at FreeBSD. ORG
> Subject: Re: High levels of breakin attempts
>
>
> Gene wrote:
> > Over the past few months there have been a remarkably high level of
> > brute force attacks logged by sshd. I was wondering, is
> there a way that
> > sshd (or some other package) can monitor login attempts and
> if more than
> > say 5 or 6 attempts are made to login from a particular ip address,
> > temporarily block that address (perhaps at the firewall)?
> It'd be real
> > satisfying to just dump the attackers' packets to the bit bucket and
> > slow 'em down a bit.
>
> Sorry, but this topic was discussed just before you posted - see
> "Blacklisting IPs" and it is regularly discussed on various lists.
> Everyone asks that same question, and everyone propose the same
> solutions, could this be added to the faq?
>
> Cheers, Erik
> --
> Ph: +34.666334818 web:
> www.locolomo.org
> S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
> Subject ID:
> A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
> Fingerprint:
> 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list