machine hangs on occasion - correlated with ssh break-in attempts

Rink Springer rink at FreeBSD.org
Thu Aug 21 20:25:01 UTC 2008


On Thu, Aug 21, 2008 at 01:03:09PM -0700, Jeremy Chadwick wrote:
> Finally, consider moving to pf instead, if you really feel ipfw is
> what's causing your machine to crash.  You might be pleasantly surprised
> by the syntax, and overall administrative usability (it is significantly
> superior to ipfw, IMHO).

In fact, pf can already do this out-of-the-box, by doing something like:

table <sshlusers> persist
pass quick on $wan_if proto tcp from any to any port ssh flags S/SA keep state \
     (max-src-conn 15, max-src-conn-rate 5/3, overload <sshlusers> flush global)

If that is not an option, I have found that security/denyhosts works
pretty well too (it just adds IPs to /etc/hosts.deniedssh, and
hosts_access(5) denies them based on this).

Regards,

-- 
Rink P.W. Springer                                - http://rink.nu
"Anyway boys, this is America. Just because you get more votes doesn't
 mean you win." - Fox Mulder
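
The following pf.conf fragment is an added example, not part of the original message. It places the quoted rule in a minimal ruleset together with a block rule that references the table, since pf only acts on a table where a rule names it. The interface name em0 and the one-day expiry are assumptions.

```conf
# Added example, not from the original message.
# Assumption: em0 is the external interface; adjust to the local setup.
wan_if = "em0"

# Addresses that exceed the limits below are collected here.
table <sshlusers> persist

# Drop everything from listed addresses before any pass rule is evaluated.
block drop in quick on $wan_if from <sshlusers> to any

# Per source address: at most 15 concurrent connections and at most
# 5 new connections per 3 seconds. Offenders are added to <sshlusers>,
# and "flush global" removes all of their existing states.
pass quick on $wan_if proto tcp from any to any port ssh flags S/SA keep state \
     (max-src-conn 15, max-src-conn-rate 5/3, overload <sshlusers> flush global)

# Maintenance, run from a shell or cron rather than from pf.conf:
#   pfctl -t sshlusers -T show          # list blocked addresses
#   pfctl -t sshlusers -T expire 86400  # remove entries older than one day
```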
