bruteforce
Matteo 'egon' Baldi
ml at egonflower.com
Tue Apr 11 08:54:13 UTC 2006
Hi, I'm trying to find a solution to brute-force attacks, mostly on port
22, without moving services to different ports.
I've tried something similar to this:
table <ssh-bruteforce> persist
block in quick from <ssh-bruteforce>
pass in on $ext_if proto tcp from any to ($ext_if) port ssh \
flags S/SA keep state \
(max-src-conn-rate 3/30, overload <ssh-bruteforce> flush global
block drop in quick on $ext_if from <ssh-bruteforce>
but I get:
gate# pfctl -f /etc/pf.conf
/etc/pf.conf:48: illegal timeout name max-src-conn-rate
pfctl: Syntax error in config file: pf rules not loaded
Where do I go wrong?
egon.
---------------------------
kernel options:
# PF Support
options IPSEC
device pf
device pflog
device pfsync
options QUOTA
#ALTQ Support
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ
------------------------------------
--
-----------------------------------------------------------------------------------------------
You are not your job.
You're not how much money you have in the bank.
You're not the car you drive.
You're not the contents of your wallet.
You're not your fucking khakis.
You are the all-singing, all-dancing crap of the world...
----------------------------------------------------------------------------------------------
http://www.015-bsd.org
info at 015-bsd.org
-----------------------------------------------------------------------------------------------
More information about the freebsd-stable mailing list
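Added example, not part of the original post and not pf's code: a simplified sliding-window model of what the posted rule set is meant to do (max-src-conn-rate 3/30, overload into <ssh-bruteforce>, flush global, then block from the table), replayed over constructed connection events. The class and function names and the sample addresses are assumptions made for illustration; pf itself estimates the rate with a moving average rather than an exact window.

```python
from collections import defaultdict, deque

MAX_CONN, WINDOW = 3, 30          # from the rule: max-src-conn-rate 3/30

class SshRateLimiter:
    """Simplified sliding-window model of the rule's intent (not pf's own algorithm)."""

    def __init__(self, max_conn=MAX_CONN, window=WINDOW):
        self.max_conn, self.window = max_conn, window
        self.recent = defaultdict(deque)   # src -> timestamps of recent new connections
        self.states = defaultdict(set)     # src -> open connection ids ("keep state")
        self.table = set()                 # stands in for <ssh-bruteforce>

    def connect(self, ts, src, conn_id):
        """Evaluate one new inbound SYN to port 22; return 'pass', 'overload' or 'block'."""
        if src in self.table:              # block in quick from <ssh-bruteforce>
            return "block"
        q = self.recent[src]
        while q and ts - q[0] >= self.window:
            q.popleft()                    # forget connections older than the window
        q.append(ts)
        if len(q) > self.max_conn:         # more than 3 new connections in 30 s
            self.table.add(src)            # overload <ssh-bruteforce>
            self.states.pop(src, None)     # flush global: drop every state from src
            return "overload"
        self.states[src].add(conn_id)
        return "pass"

# Constructed sample events: (seconds, source address, connection id).
EVENTS = [
    (0, "198.51.100.7", "a1"), (2, "198.51.100.7", "a2"),
    (3, "203.0.113.9", "b1"), (4, "198.51.100.7", "a3"),
    (6, "198.51.100.7", "a4"),             # 4th connection within 30 s
    (40, "198.51.100.7", "a5"),            # still listed: nothing here removes entries
    (50, "203.0.113.9", "b2"), (95, "203.0.113.9", "b3"),
    (100, "203.0.113.9", "b4"), (130, "203.0.113.9", "b5"),
]

def replay(events):
    """Feed the events through a fresh limiter; return it with the verdict list."""
    fw = SshRateLimiter()
    return fw, [fw.connect(*e) for e in events]

if __name__ == "__main__":
    fw, verdicts = replay(EVENTS)
    for event, verdict in zip(EVENTS, verdicts):
        print(event, verdict)
    print("table:", sorted(fw.table))
```

The slow client (203.0.113.9) is never listed even after five connections, while the fast one is listed on its fourth connection within the window and stays blocked afterwards.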