sshd break-in attempt
LConrad at Go2France.com
Tue Jan 2 06:20:57 PST 2007
>In our 'periodic daily' report/email, (only the list goes on for
>hundreds of attempts). Anyhow, long story short; is there not an
>easy way to make sshd block or deny hosts temporarily if X number of
>invalid login attempts are made within a minute's time?
to reduce the brute force attacks + voluminous logging, tell sshd to
listen on port other than 22.
google for "tcp wrappers sshd" for examples of how to use tcp
wrappers in reactive blocking
More information about the freebsd-questions