ssh brute force
Daniel Gerzo
danger at rulez.sk
Sun Jul 24 23:05:09 GMT 2005
Hello Chris,
Thursday, July 21, 2005, 2:43:08 AM, si tukal:
> On 7/20/05, Chris Jones <cdjones at novusordo.net> wrote:
>>
>> I'm looking at having a script look at SSH's log output for repeated
>> failed connection attempts from the same address, and then blocking that
>> address through pf (I'm not yet sure whether I want to do it temporarily
>> or permanently).
> Matt Dillon wrote an app in C to do just that, with ipfw.
> http://leaf.dragonflybsd.org/mailarchive/users/2005-03/msg00008.html
> Scott Ullrich modified it to work with pf.
> http://pfsense.org/cgi-bin/cvsweb.cgi/tools/sshlockout_pf.c
I have made security/bruteforceblocker
It's a perl script that works with opensshd's logs and pf
> -Chris
--
sincerely...
DanGer, ICQ: 261701668 | e-mail protecting at: http://www.2pu.net/
http://danger.rulez.sk | proxy list at: http://www.proxy-web.com/
| FreeBSD - The Power to Serve!
More information about the freebsd-isp
mailing list