sshit runs out of semaphores
glarkin at FreeBSD.org
Tue Dec 2 05:25:26 PST 2008
DA Forsyth wrote:
> I recently started (trying) to use sshit to filter the many brute
> force sshd attacks.
> However, it has never worked on my box. FreeBSD 7.0 p1.
> This morning it would only give a message (without exiting)
> Could not create semaphore set: No space left on device
> at /usr/local/sbin/sshit line 322
> Every time it gets stopped by CTRL-C it leaves the shared memory
> behind, allocated.
> I am going to reboot later and double the number of semaphores (in
> I am running hobbit which uses 8, leaving only 2 free. This may
> solve this issue, but I'd appreciate any ideas and experienced
> A side issue is that sshit will only filter rapid fire attacks, but I
> am also seeing 'slow fire' attacks, where an IP is repeated every 2
> or 3 hours, but there seems to be a network of attackers because the
> name sequence is kept up across many incoming IPs. Is there any
> script for countering these attacks?
> If not I'll write one I think.
> DA Forsyth Network Supervisor
> Principal Technical Officer -- Institute for Water Research
I previously used sshit to defend against SSH brute-force attacks but
never saw the semaphore problem that you reported.
However, I recently switched to sshguard for other reasons, and it has
worked well for defending against both high-speed and slow-speed
attacks. You can get more information here:
Hope that helps,
http://www.FreeBSD.org/ - The Power To Serve
http://www.sourcehosting.net/ - Ready. Set. Code.
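
The 'slow fire' pattern described in the quoted question (each IP returning only every few hours while the username sequence continues across many IPs) as detection logic over sshd log lines. This is an added example, not code from the thread, sshit or sshguard; the log lines, thresholds and function names are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample lines (not from the thread), sshd "Invalid user" format.
SAMPLE_LOG = """\
Dec  2 00:05:11 gw sshd[4101]: Invalid user aaron from 198.51.100.7
Dec  2 02:40:52 gw sshd[4188]: Invalid user abby from 203.0.113.20
Dec  2 05:02:30 gw sshd[4260]: Invalid user adam from 192.0.2.33
Dec  2 06:00:00 gw sshd[4301]: Invalid user zed from 192.0.2.99
Dec  2 07:31:09 gw sshd[4342]: Invalid user adrian from 198.51.100.7
Dec  2 09:58:47 gw sshd[4415]: Invalid user alan from 203.0.113.20
Dec  2 12:20:05 gw sshd[4490]: Invalid user albert from 192.0.2.33
"""

LINE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: Invalid user (\S+) from (\S+)")

def parse(log, year=2008):
    """Return time-ordered (timestamp, user, ip) tuples for invalid-user probes."""
    events = []
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((ts, m.group(2), m.group(3)))
    return sorted(events)

def dictionary_walk(events):
    """Longest chain of probes, in time order, whose usernames never go
    backwards alphabetically. Source IP is ignored, so rotating IPs does
    not break the chain, and unrelated probes simply fall outside it."""
    best = [[e] for e in events]  # best[i]: longest chain ending at event i
    for i, (_, user, _) in enumerate(events):
        for j in range(i):
            if events[j][1] <= user and len(best[j]) + 1 > len(best[i]):
                best[i] = best[j] + [events[i]]
    return max(best, key=len, default=[])

def campaign_ips(events, min_probes=5, min_ips=3):
    """IPs taking part in one shared username walk, or an empty set."""
    chain = dictionary_walk(events)
    ips = {ip for _, _, ip in chain}
    return ips if len(chain) >= min_probes and len(ips) >= min_ips else set()
```

No address in the sample makes more than two attempts all day, so a per-IP rate limit never trips; the shared username ordering is what ties the three addresses together.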