On Sat, Aug 30, 2008 at 3:25 PM, Igor <[EMAIL PROTECTED]> wrote: > > 1) There are a simple way to detect and block brute force? I ready in > some place to use snort... and I've installed and I guess is > configured correctly, but doesn't block anyone. >
You should never under any circumstances open administrative interfaces including SSH on your firewall to the entire Internet. pfSense does run sshlockout so it should be blocking those hosts after a few failed login attempts. I would strongly recommend firewalling off SSH to protect your firewall. If you must leave it open, at a minimum require key authentication. > 2) Is normal this error on "system.log"? > It's not an error, you have to read the logs with clog. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
