IP Banning (Using IPFW)
Michael A. Alestock
michaela at maa-net.net
Sun Feb 5 07:41:52 PST 2006
I was wondering if there's some sort of port available that can actively
ban IPs that try and bruteforce a service such as SSH or Telnet, by
scanning the /var/log/auth.log log for Regex such as "Illegal User" or
"LOGIN FAILURES", and then using IPFW to essentially deny (ban) that IP
for a certain period of time or possibly forever.
I've seen a very useful one that works for linux (fail2ban), and was
wondering if one exists for FreeBSD's IPFW?
I've looked around in /usr/ports/security and /usr/ports/net but can't
seem to find anything that closely resembles that.
Your help would be greatly appreciated.... Thanks in advance!
>> Michael A., USA... Loyal FreeBSD user since 2000.
More information about the freebsd-questions