In our 'periodic daily' report/email, (only the list goes on for hundreds of attempts). Anyhow, long story short; is there not an easy way to make sshd block or deny hosts temporarily if X number of invalid login attempts are made within a minute's time?
to reduce the brute force attacks + voluminous logging, tell sshd to listen on port other than 22.
google for "tcp wrappers sshd" for examples of how to use tcp wrappers in reactive blocking
Len _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"