bruteforce
Adam Stroud
adam at thegeeklord.com
Wed Apr 12 03:36:56 UTC 2006
I have been using pf (on an OpenBSD box) to automatically block
offending IP address using pf and it seems to work well for me.
Basically when an attackers tries to connect x number of times in y
minutes, I have the firewall set up to block the automatically.
Works like a charm.
A
Patrick Tracanelli wrote:
> Jordan Sissel wrote:
>> On 4/11/06, Daniel Gerzo <danger at rulez.sk> wrote:
>>
>>> Hello Dmitriy,
>>>
>>> Tuesday, April 11, 2006, 7:04:37 PM, you typed the following:
>>>
>>>
>>>> On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote:
>>>>
>>>>> Hy, I'm triing to find a solution to bruteforce attack, mostly on
>>>>> port
>>>
>>> 22, without
>>>
>>>>> moving services on different ports.
>>>
>>>> try to use
>>>> /usr/ports/security/sshit
>>>
>>> maybe security/bruteforceblocker
>>
>>
>>
>> If you're looking for something with a more generalized approach,
>> check out
>> sysutils/grok. It comes with examples that block brute force efforts,
>> and
>> can do much more.
>
> Doesnt open sshd itself has a feature which blocks or imposes a delay
> upon a number of failed logins from the same address?
>
More information about the freebsd-stable
mailing list