Len Conrad wrote:


In our 'periodic daily' report/email, (only the list goes on for hundreds of attempts). Anyhow, long story short; is there not an easy way to make sshd block or deny hosts temporarily if X number of invalid login attempts are made within a minute's time?

to reduce the brute force attacks + voluminous logging, tell sshd to listen on port other than 22.

google for "tcp wrappers sshd" for examples of how to use tcp wrappers in reactive blocking

Len



check out the denyhosts port as well. works great
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to