sshd break-in attempt

Len Conrad LConrad at
Tue Jan 2 06:20:57 PST 2007

>In our 'periodic daily' report/email, (only the list goes on for 
>hundreds of attempts). Anyhow, long story short; is there not an 
>easy way to make sshd block or deny hosts temporarily if X number of 
>invalid login attempts are made within a minute's time?

to reduce the brute force attacks + voluminous logging, tell sshd to 
listen on port other than 22.

google for "tcp wrappers sshd" for examples of how to use tcp 
wrappers in reactive blocking


More information about the freebsd-questions mailing list