Defending against SSH attacks with pf
Juha Saarinen
juhasaarinen at gmail.com
Mon Apr 16 00:19:46 UTC 2007
On 4/16/07, Bill Moran <wmoran at potentialtech.com> wrote:
>
> There was some discussion on this list not too long ago, and someone
> asked if I was willing to make my pf config and the associated scripts
> I wrote for it public. I would have posted on the original thread,
> but I can't find it now.
>
> Here is the information:
> http://www.potentialtech.com/cms/node/16
Useful, but the bots have started to use longer intervals between
connection attempts now. The intervals are not yet randomised though.
$ sudo pfctl -t sshbrute -T show | wc
234 234 4023
Ugh. That's in just under two months.
--
Juha
http://www.geekzone.co.nz/juha
More information about the freebsd-questions
mailing list