Blocking a slow-burning SSH bruteforce

J.D. Bronson jd.bronson at
Fri Jan 1 15:44:12 UTC 2010

On 1/1/10 9:19 AM, David Rawling wrote:
> Darn.
> 1 is out because 22 is the one port that most organisations (including
> mine) allow out of their networks for administering routers.
> 2 is unfortunately not an option (as a consultant I do work from many
> networks)
> 4 - again I might have to log in any time ...
> 3 seems the best approach.
> Thanks for your thoughts, it's good to get second opinions.
> Dave.

I understand using/needing port 22 opened...but what another widely used for Citrix (sp?) or something? - most firewalls have those 
ports open.

As far as controlling login time and access, I meant something like this:

# Authentication:
LoginGraceTime 1m
MaxAuthTries 2

# Allow staff access and users no access
AllowGroups staff

J.D. Bronson
Information Technology
Aurora Health Care - Milwaukee WI

More information about the freebsd-questions mailing list