High levels of breakin attempts

Gene listmail at Bomgardner.net
Mon Jan 10 21:16:33 PST 2005

Over the past few months there have been a remarkably high level  of 
brute force attacks logged by sshd. I was wondering, is there a way that 
sshd (or some other package) can monitor login attempts and if more than 
say 5 or 6 attempts are made to login from a particular ip address, 
temporarily block that address (perhaps at the firewall)? It'd be real 
satisfying to just dump the attackers' packets to the bit bucket and 
slow 'em down a bit.

Thanx - Gene

More information about the freebsd-questions mailing list