Blocking SSH access based on bad logins?
Michael B. Eichorn
ike at michaeleichorn.com
Tue Aug 25 15:03:17 UTC 2015
On Tue, 2015-08-25 at 16:28 +0200, Polytropon wrote:
> On Tue, 25 Aug 2015 09:16:16 -0400, Jaime Kikpole wrote:
> > I've noticed a number of SSH login attempts for the username "admin"
> > on my FreeBSD systems. None of them have a username of "admin". So
> > I
> > was wondering if there was a way (even via a port) to tell the
> > system,
> > "If an IP tries to login as 'admin', block that IP."
>
> I think "fail2ban" is the solution you are searching for.
>
>
>
> > I'm already using SSHGuard to block certain obvious attempts to break
> > in. I'm fine with altering its configs or adding/switching to a new
> > port.
>
> You'll find "fail2ban" in the FreeBSD ports collection
> along with some documentation. It's easy to set up. :-)
I thought SSHGuard and fail2ban were both equally vaild solutions to ssh
banning. Both use the logged failed attempt and create system level block
to the offending IP. Am I wrong on this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5761 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20150825/f3f78ac2/attachment.bin>
More information about the freebsd-questions
mailing list