Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? (Solved!)

2006-11-15 Thread Leo L. Schwab
After instrumenting 'bruteblock' (and accidentally causing auth.log to explode), I discovered that the ssh.conf file that ships with it won't work on FreeBSD 6.1 (or at least my copy of it). The shipped regexp looks for illegal users. But 'sshd' on FreeBSD 6.1 records login

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-14 Thread Leo L. Schwab
On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote: Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: http://www.securityfocus.com/infocus/1876 But I rather thought that was the point of

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-14 Thread Leo L. Schwab
On Mon, Nov 13, 2006 at 10:10:58AM +0100, Frank Staals wrote: I had the same 'problem'. As said it's not really a problem since FreeBSD will hold just fine if you don't have any rather stupid user + pass combinations. While FreeBSD and OpenSSH are very good, I'm not prepared to rely

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-14 Thread Erik Norgaard
Leo L. Schwab wrote: On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote: Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: http://www.securityfocus.com/infocus/1876 But I rather thought that was

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-14 Thread Eric
Erik Norgaard wrote: Leo L. Schwab wrote: On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote: Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: http://www.securityfocus.com/infocus/1876 But I rather

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-14 Thread Erik Norgaard
Peter N. M. Hansteen wrote: Erik Norgaard [EMAIL PROTECTED] writes: Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: One other noise reduction method which is really easy to implement is to use pf and write a rule set

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Frank Staals
Leo L. Schwab wrote: I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I thought I'd leave the server on, and am somewhat

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Gerard Seibert
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: I had the same 'problem'. As said it's not really a problem since FreeBSD will hold just fine if you don't have any rather stupid user + pass combinations. ( test test or something like that ) Although I thought it was

Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Robert Huff
Leo L. Schwab writes: A little Googling revealed a couple of potentially useful tools: 'sshit' and 'bruteblock', both of which notice repeated login attempts from a given IP address and blackhole it in the firewall. There's also denyhosts. I found the configuration

RE: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Maxim Masyukevich
On Behalf Of Leo L. Schwab Sent: Monday, November 13, 2006 9:05 AM To: freebsd-questions@freebsd.org Subject: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Andy Greenwood
On 11/13/06, Gerard Seibert [EMAIL PROTECTED] wrote: On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: I had the same 'problem'. As said it's not really a problem since FreeBSD will hold just fine if you don't have any rather stupid user + pass combinations. ( test test or

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread [EMAIL PROTECTED]
Quoting Andy Greenwood [EMAIL PROTECTED]: On 11/13/06, Gerard Seibert [EMAIL PROTECTED] wrote: On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: I had the same 'problem'. As said it's not really a problem since FreeBSD will hold just fine if you don't have any rather stupid

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Frank Staals
Gerard Seibert wrote: On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: I had the same 'problem'. As said it's not really a problem since FreeBSD will hold just fine if you don't have any rather stupid user + pass combinations. ( test test or something like that ) Although

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Gerard Seibert
On Monday 13 November 2006 10:11, Frank Staals wrote: The point is it isn't security through obscurity: as already pointed out, FreeBSD sshd can withstand those brute force attacks without much of a problem so there is no security problem, the only thing is those brute force attacks are

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Erik Norgaard
Leo L. Schwab wrote: I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I thought I'd leave the server on, and am somewhat

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Damian Wiest
On Mon, Nov 13, 2006 at 12:19:27PM +0600, Bachilo Dmitry wrote: On Monday 13 November 2006 12:05 Leo L. Schwab wrote: I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had disabled

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-13 Thread Peter N. M. Hansteen
Erik Norgaard [EMAIL PROTECTED] writes: Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: One other noise reduction method which is really easy to implement is to use pf and write a rule set which uses the overload

Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-12 Thread Leo L. Schwab
I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I thought I'd leave the server on, and am somewhat dismayed to discover

Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?

2006-11-12 Thread Bachilo Dmitry
On Monday 13 November 2006 12:05 Leo L. Schwab wrote: I recently installed FreeBSD 6.1 on my gateway. It replaced an installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had disabled the SSH server. Since all the bugs in SSH are fixed now ( :-)