ssh brute force
Todor Dragnev
todor.dragnev at gmail.com
Tue Jul 19 19:12:55 GMT 2005
Hello,
This email may be is not for this mailing list, but with this problem
more and more ISP have troubles. I want to block ssh dictionary attack
with freebsd. I found nice solution with iptables for linux:
iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags FIN,ACK
FIN,ACK --dport 22 -m recent --name sshattack --set
iptables -A INPUT -p tcp -m state --state ESTABLISHED --tcp-flags RST RST
--dport 22 -m recent --name sshattack --set
iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 4 -m limit --limit 4/minute -j LOG --log-prefix 'SSH attack: '
iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 4 -j DROP
Is it posible to make in this way with ipfw, ipf or pf on freebsd ?
Regards,
Todor Dragnev
--
There are no answers, only cross references
More information about the freebsd-isp
mailing list