Blacklisting IPs

artware artware at
Sun Jan 9 22:20:12 PST 2005

Hello again,

My 5.3R system has only been up a little over a week, and I've already
had a few breakin attempts -- they show up as Illegal user tests in
the /var/log/auth.log... It looks like they're trying common login
names (probably with the login name used as passwd). It takes them
hours to try a dozen names, but I'd rather not have any traffic from
these folks. Is there any way to blacklist IPs at the system level, or
do I have to hack something together for each daemon?

- ben

More information about the freebsd-questions mailing list