Re: bruteforce

2006-04-12 Thread Dmitry Pryanishnikov
Hello! On Tue, 11 Apr 2006, Dmitriy Kirhlarov wrote: On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving services on different ports. try to use /usr/ports/security/sshit

bruteforce

2006-04-11 Thread Matteo 'egon' Baldi
Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving services on different ports. I've tried something similar to this:

    table <ssh-bruteforce> persist
    block in quick from <ssh-bruteforce>
    pass in on $ext_if proto tcp from any to ($ext_if) port ssh \
        flags

Re: bruteforce

2006-04-11 Thread Daniel O'Connor
On Tuesday 11 April 2006 18:28, Matteo 'egon' Baldi wrote:

    gate# pfctl -f /etc/pf.conf
    /etc/pf.conf:48: illegal timeout name max-src-conn-rate
    pfctl: Syntax error in config file: pf rules not loaded

Your version of FreeBSD is too old and has a version of pf that pre-dates this feature. I

Re: bruteforce

2006-04-11 Thread Dmitriy Kirhlarov
On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving services on different ports. try to use /usr/ports/security/sshit By. Dmitriy

Re[2]: bruteforce

2006-04-11 Thread Daniel Gerzo
Hello Dmitriy, Tuesday, April 11, 2006, 7:04:37 PM, you typed the following: On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving services on different ports. try to use /usr/ports

Re: Re[2]: bruteforce

2006-04-11 Thread Jordan Sissel
On 4/11/06, Daniel Gerzo [EMAIL PROTECTED] wrote: Hello Dmitriy, Tuesday, April 11, 2006, 7:04:37 PM, you typed the following: On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving

Re: bruteforce

2006-04-11 Thread Patrick Tracanelli
Jordan Sissel wrote: On 4/11/06, Daniel Gerzo [EMAIL PROTECTED] wrote: Hello Dmitriy, Tuesday, April 11, 2006, 7:04:37 PM, you typed the following: On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port

Re: bruteforce

2006-04-11 Thread Adam Stroud
Tracanelli wrote: Jordan Sissel wrote: On 4/11/06, Daniel Gerzo [EMAIL PROTECTED] wrote: Hello Dmitriy, Tuesday, April 11, 2006, 7:04:37 PM, you typed the following: On Tue, Apr 11, 2006 at 10:58:48AM +0200, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack

Re: bruteforce

2006-04-11 Thread Adam Stroud
, Matteo 'egon' Baldi wrote: Hi, I'm trying to find a solution to bruteforce attack, mostly on port 22, without moving services on different ports. try to use /usr/ports/security/sshit maybe security/bruteforceblocker If you're looking for something with a more generalized approach

Re: bruteforce

2006-04-11 Thread Damian Gerow
Thus spake Adam Stroud ([EMAIL PROTECTED]) [11/04/06 23:49]:
: I have been using pf (on an OpenBSD box) to automatically block
: offending IP address using pf and it seems to work well for me.
: Basically when an attacker tries to connect x number of times in y
: minutes, I have the firewall