Opening and Closing ports
karol.kwiat at gmail.com
Tue Feb 13 15:00:57 UTC 2007
Andy Greenwood wrote:
> On 2/13/07, Zbigniew Szalbot <zbyszek at szalbot.homedns.org> wrote:
>> Peter N. M. Hansteen wrote:
>> > You can head them off rather easily with a short PF rule set, see
>> > eg http://home.nuug.no/~peter/pf/en/bruteforce.html.
>> > They can actually be fun to watch :)
>> It was funny for me because I set the max con rule to 10 and then logged
>> in 10 times to see if that would work. Of course that did (silly me!) and
>> as a result I blocked my own access to the machine. I logged in from
>> another IP and commented out the pf.conf file entries for the bruteforce
>> but wonder how to empty the table (so that it does not contain my ip) and
>> enable the bruteforce defence again.
> man pfctl. Specifically the -T switch.
Also, have a look at security/expiretable. You can automagically remove
entries from tables after a specified time. It is mentioned in the article
linked above.
Karol Kwiatkowski <karol.kwiat at gmail dot com>