-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marc G. Fournier wrote:
> 
> Does anyone know of a utility that I can use with sshd to auto-block by IP if 
> there are more then N failed attempts in a row?
> 
> ie:
> 
> # grep "Invalid user" /var/log/auth.log| awk '{print $10}' | sort | uniq -c | 
> sort -nr
[...]
> 
> 
> This is for one day ... I'd like to be able to throttle so that after X 
> Invalid 
> user attempts, the IP gets blocked ...
> 
> Possible?
> 

Hi Marc,

Coincidentally, I've been replacing sshit with sshguard (both in ports)
on several servers today.  sshguard seems to be more configurable and
supports a number of blocking methods - multiple firewalls as well as
/etc/hosts.deny.  Here's the full documentation:
http://sshguard.sourceforge.net/doc/

Hope that helps,
Greg
- --
Greg Larkin

http://www.FreeBSD.org/       - The Power To Serve
http://www.sourcehosting.net/ - Ready. Set. Code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI0ZLn0sRouByUApARAt5XAJ91sn31ryJ4iq+t4OzVoORYK29IVwCglRAG
rE3TmCDo70nzxvUBFWVCUJI=
=fQhA
-----END PGP SIGNATURE-----

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to