After instrumenting 'bruteblock' (and accidentally causing auth.log
to explode), I discovered that the ssh.conf file that ships with it won't
work on FreeBSD 6.1 (or at least my copy of it).
The shipped regexp looks for "illegal" users. But 'sshd' on FreeBSD
6.1 records login atte
Peter N. M. Hansteen wrote:
Erik Norgaard <[EMAIL PROTECTED]> writes:
Honestly, I wouldn't worry about it: review your config and make some
simple choices to reduce the noise, see this article:
One other noise reduction method which is really easy to implement is
to use pf and write arule set
Erik Norgaard wrote:
Leo L. Schwab wrote:
On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote:
Honestly, I wouldn't worry about it: review your config and make some
simple choices to reduce the noise, see this article:
http://www.securityfocus.com/infocus/1876
But I rather t
Leo L. Schwab wrote:
On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote:
Honestly, I wouldn't worry about it: review your config and make some
simple choices to reduce the noise, see this article:
http://www.securityfocus.com/infocus/1876
But I rather thought that was th
On Mon, Nov 13, 2006 at 10:10:58AM +0100, Frank Staals wrote:
> I had the same 'problem'. As said it's not realy a problem since FreeBSD
> will hold just fine if you don't have any rather stupid user + pass
> combinations.
While FreeBSD and OpenSSH are very good, I'm not prepared to rely
On Mon, Nov 13, 2006 at 09:16:35PM +0100, Erik Norgaard wrote:
> Honestly, I wouldn't worry about it: review your config and make some
> simple choices to reduce the noise, see this article:
>
> http://www.securityfocus.com/infocus/1876
>
But I rather thought that was the point of 'brut
Erik Norgaard <[EMAIL PROTECTED]> writes:
> Honestly, I wouldn't worry about it: review your config and make some
> simple choices to reduce the noise, see this article:
One other noise reduction method which is really easy to implement is
to use pf and write arule set which to uses the overload
On Mon, Nov 13, 2006 at 12:19:27PM +0600, Bachilo Dmitry wrote:
> ? ? ?? ??? 13 ?? 2006 12:05 Leo L. Schwab ???(a):
> > I recently installed FreeBSD 6.1 on my gateway. It replaced an
> > installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I
> > had di
Leo L. Schwab wrote:
I recently installed FreeBSD 6.1 on my gateway. It replaced an
installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had
disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I
thought I'd leave the server on, and am somewhat d
On Monday 13 November 2006 10:11, Frank Staals wrote:
> The point is it isn't security through obscurity: as allready pointed
> out, FreeBSD & sshd can withstand those brute force attacks without much
> of a problem so there is no security problem, the only thing is those
> brute force attacks are
Gerard Seibert wrote:
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
I had the same 'problem'. As said it's not realy a problem since FreeBSD
will hold just fine if you don't have any rather stupid user + pass
combinations. ( test test or something like that ) Allthough I
Quoting Andy Greenwood <[EMAIL PROTECTED]>:
On 11/13/06, Gerard Seibert <[EMAIL PROTECTED]> wrote:
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
I had the same 'problem'. As said it's not realy a problem since FreeBSD
will hold just fine if you don't have any rather stupid
On 11/13/06, Gerard Seibert <[EMAIL PROTECTED]> wrote:
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
> I had the same 'problem'. As said it's not realy a problem since FreeBSD
> will hold just fine if you don't have any rather stupid user + pass
> combinations. ( test test or
[mailto:[EMAIL PROTECTED] On Behalf Of Leo L. Schwab
Sent: Monday, November 13, 2006 9:05 AM
To: freebsd-questions@freebsd.org
Subject: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
I recently installed FreeBSD 6.1 on my gateway. It replaced an
installation of FreeBSD 4.6.8 (fresh
Leo L. Schwab writes:
> A little Googling revealed a couple of potentially useful
> tools: 'sshit' and 'bruteblock', both of which notice repeated
> login attempts from a given IP address and blackhole it in the
> firewall.
There's also "denyhosts". I found the configuration an
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
> I had the same 'problem'. As said it's not realy a problem since FreeBSD
> will hold just fine if you don't have any rather stupid user + pass
> combinations. ( test test or something like that ) Allthough I thought
> it was an
Leo L. Schwab wrote:
I recently installed FreeBSD 6.1 on my gateway. It replaced an
installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had
disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I
thought I'd leave the server on, and am somewhat d
В сообщении от Понедельник 13 ноября 2006 12:05 Leo L. Schwab написал(a):
> I recently installed FreeBSD 6.1 on my gateway. It replaced an
> installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I
> had disabled the SSH server. Since all the bugs in SSH are fixed now ( :-)
I recently installed FreeBSD 6.1 on my gateway. It replaced an
installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had
disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I
thought I'd leave the server on, and am somewhat dismayed to discover tha
19 matches
Mail list logo