Firewall, blocking POP3

Patrick gibblertron at gmail.com
Wed May 30 19:16:11 UTC 2012 

See /usr/ports/security/py-fail2ban (http://www.fail2ban.org/). Used
in conjunction with FreeBSD's ipfw or pf firewall facility, you can
ban an attacking IP address for a set period of time after a
configurable amount of failed attempts. Fail2ban watches your log
files for you and then triggers some sort of action -- which can
really be anything you can conceive of.

Patrick


On Wed, May 30, 2012 at 11:47 AM, Jorge Biquez <jbiquez at intranet.com.mx> wrote:
> Hello.
>
> Thanks a lot!. Simple an elegant solution.
>
> I just did that and of course it worked.... I just was wondering... what if
> I need to have the service working BUT want to block those break attemps? IN
> this and other services. ?
> My guess is that it is a never ending process? I mean, block one, block
> another, another, etc?
>
> What the people who has big servers running for hosting services are doing?
> Or you just have a policy of strng passworrds, server up-todate and let the
> attemps to try forever?
>
> Thanks for the solution Mr Robert.
>
> Jorge Biquez
>
>
>
>
> At 01:32 p.m. 30/05/2012, Robert Bonomi wrote:
>>
>> > From owner-freebsd-questions at freebsd.org  Wed May 30 13:16:37 2012
>> > Date: Wed, 30 May 2012 13:08:30 -0500
>> > To: freebsd-questions at freebsd.org
>> > From: Jorge Biquez <jbiquez at intranet.com.mx>
>> > Cc:
>> > Subject: Firewall, blocking POP3
>> >
>> > Hello all.
>> >
>> > I am sorry if the question is too basic.
>> >
>> > I have a personal small machine running
>> >
>> >     FreeBSD 7.3-PRERELEASE #0:
>> >
>> > It runs as my web and email server for a cuple of domains. NO clients
>> > no other users have access to it.
>> >
>> > Is there any , easy/faster way to stop POP3 from being working. I am
>> > running qpopper to be able to download emailes.
>> > I decided to use sendmail since only a few accounts are there and I
>> > do not need more but in the last days the server has been under a big
>> > attack where people is trying to guess users and passwords. I am
>> > using a strong schema of passwords so no problem on that but I rather
>> > to be sure .
>>
>> The mail -server- you use is irrelevant to how users retrieve mail.
>> you can use sendmail and qpopper, or sendmail and an IMAP server, or
>> sendmail and  webmail app, or postix and qpopper, or exim and qpopper,
>> etc.
>>
>>
>> All you have to do to disable qpopper is edit comment out the line in
>> /etc/inetd.conf, and SIGHUP inetd.
>>
>> To re-enable when you need it, uncomment the line, and SIGHUP inetd again.
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list