How to Stop Bruit Force ssh Attempts?
Chris Maness
chris at chrismaness.com
Sat Mar 18 20:35:39 UTC 2006
Wes Santee wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Chris Maness wrote:
>
>> In my auth log I see alot of bruit force attempts to login via ssh. Is
>> there a way I can have the box automatically kill any tcp/ip
>> connectivity to hosts that try and fail a given number of times? Is
>> there a port or something that I can install to give this kind of
>> protection. I'm still kind of a FreeBSD newbie.
>>
>
> security/bruteforeceblocker (requires pf as the firewall)
>
> security/denyhosts (uses tcp_wrappers and /etc/hosts.allow)
>
> security/sshit (requires ipfw as firewall)
>
> I rolled my own solution and haven't used any of these, so I don't know
> how well they work in practice. They probably all require some initial
> setup and configuration.
>
> Cheers,
> - -Wes
>
>
Thanks, I played with all three. Denyhosts is the best hands down.
More information about the freebsd-questions
mailing list