Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

Erik Norgaard norgaard at
Mon Nov 13 20:25:46 UTC 2006

Leo L. Schwab wrote:
> 	I recently installed FreeBSD 6.1 on my gateway.  It replaced an
> installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had
> disabled the SSH server.  Since all the bugs in SSH are fixed now ( :-) ), I
> thought I'd leave the server on, and am somewhat dismayed to discover that I
> now get occasional brute-force/dictionary attacks on the port.

Whichever service you have running, if you look in the log you will find 
attempts of attack, ssh is no different, it's a target.

Honestly, I wouldn't worry about it: review your config and make some 
simple choices to reduce the noise, see this article:

Rather than reposting myself - this issue is regularly debated, I think 
last time (or last time I participated) was debated 19-09-2006. Check 
the archive.

Cheers, Erik

Ph: +34.666334818                      web:
X.509 Certificate:
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9

More information about the freebsd-questions mailing list