Urgent: Under attack - need tcpdrop help

Damien Fleuriot ml at my.gd
Wed May 25 14:01:54 UTC 2011

On 5/24/11 10:53 PM, Alejandro Imass wrote:
> On Tue, May 24, 2011 at 4:29 PM, Andy Wodfer <wodfer at gmail.com> wrote:
>> Hi,
>> One of my FreeBSD servers is currently being attacked (DDOS) and I'm
>> blocking IP addresses in my firewall. However, there are a large number of
>> hung tcp connections and I want them gone.
> I know it's not what you're asking but for the future try fail2ban. I
> can gladly post a simple how to here for FreeBSD.
> It's a very simple solution but I have been keeping off pests quite
> well with fail2ban. I think it's an awesome and simple framework to
> automatically ban IPs and they just move on to the th next server. In
> fact you can see the bannings diminish in time as they are the one
> that get tired ;-)
> Good luck,
> --
> Alejandro Imass
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

There is no need for fail2ban on freebsd, one may install sshguard from
the ports, which interacts with the firewalls (IPFW, PF...) or the
allow/deny files.

More information about the freebsd-questions mailing list