Kris Anderson wrote:
--- Chris Maness <[EMAIL PROTECTED]> wrote:
In my auth log I see alot of bruit force attempts to
login via ssh. Is
there a way I can have the box automatically kill
any tcp/ip
connectivity to hosts that try and fail a given
number of times? Is
there a port or something that I can install to give
this kind of
protection. I'm still kind of a FreeBSD newbie.
Thanks,
Chris Maness
Hey there,
A couple of things you could try. I believe there is a
port that watches log files, utilizing that you could
create a script to add the IP to your firewall rules
then after a time remove it.
The other way is to use snort_inline and see how that
works.
Hope that helps.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
I'm using denyhost per someone on the lists recomendation. It works
very well.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"