On Tuesday 24 April 2007 21:00:41 Dave wrote: > Hello, > I've got a machine running ssh and i'm trying to cut down on brute > force attacks on it. I'm running pf on a freebsd 6.2 box and have added in > swatch to try to curve these attacks. The problem is nothing is being added > to either the memory hackers table nor the ondisk copy of it. I know i'm > getting hits because i'm seeing entries in my auth.log like this: > > Apr 21 06:18:38 zeus sshd[10609]: Did not receive identification string > from 125.33.163.188 I managed to cut down attacks and block ip-s with denyhosts:
Port: denyhosts-2.6 Path: /usr/ports/security/denyhosts Info: Script to thwart ssh attacks Currently I block attackers for 10 minutes and then release IP- in case someone is using NAT and blocks all other users out of that network. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
