incorrect logins
Philip Hallstrom
freebsd at philip.pjkh.com
Sat Feb 11 21:21:25 PST 2006
> I see many records as
> Feb 10 21:08:55 sstand sshd[84600]: Failed password for root from 61.218.130.20 port 46356 ssh2
>
> How can i block these IP, who try "root" as login?
> Have any soft in ports?
There are some ports that do it. One thing I didn't like about the ports
(at least the ones I looked at) was that the app managed removing the
firewall rules itself. Which means that if the app crashes right after
you lock yourself out for some reason, thoes firewall rules are never
going to get reset.
http://www.pjkh.com/wiki/ssh_monitor
Is my own little perl script and associated crontab entries to get around
it.
But if it were me, I'd check the ports out too as some of them do more
than what I wanted to do.
More information about the freebsd-questions
mailing list