sshd brute force attempts?
Nicolas Blais
nb_root at videotron.ca
Tue Sep 19 14:25:47 PDT 2006
On Tuesday 19 September 2006 17:12, Joao Barros wrote:
> On 9/19/06, Dan Mahoney, System Admin <danm at prime.gushi.org> wrote:
> > Hey all,
> >
> > I've looked around and found several linux-centric things designed to
> > block brute-force SSH attempts. Anyone out there know of something a bit
> > more BSD savvy?
> >
> > My best attempt will be to get this:
> >
> > http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html
> >
> > running and adapt it.
> >
> > I've found a few things based on openBSD's pf, but that doesn't seem to
> > be the default in BSD either.
> >
> > Any response appreciated.
>
> I'm using BruteForceBlocker quite successfully.
> I take the opportunity to thank danger for it :-)
>
> http://www.freshports.org/security/bruteforceblocker/
I like to protect myself by hiding what I have, which will reduce the amount
of direct or random attacks by a lot, then deal with attacks using tools
(like bruteforceblocker).
This is especially useful when attackers are using ip-range tools to scan
common ports for their associated service.
Why keep sshd on port 22?
Nicolas
--
FreeBSD 7.0-CURRENT #0: Sun Sep 17 10:21:02 EDT 2006
nicblais at clk01a:/usr/obj/usr/src/sys/CLK01A
PGP? : http://www.clkroot.net/security/nb_root.asc
More information about the freebsd-questions
mailing list