> I am thinking it might be nice to see if someone could do the following. > And therefore Want to post a $100 bounty on this.
Typically the bounties are posted on the forums; you could feel things out here, but eventually you'll need to move there. > Most of the Linux world uses BFD and/or CSF/LFD to find brute > force issues... Not sure what your acronyms are, but sane settings on your sshd can go a long way toward preventing skript-kiddie attacks. That said, a good iptables-integrated approach is to use the RECENT module - contact me offline for details, since it's absolutely not pfSense-related. > What I would like to do is this. > > > 1. Have the PFSense server query the Log files from the servers running > behind the system. Sound network security principles are screaming and waving their hands at this point. Never EVER run active code on your firewall that is reaching out (with operable credentials, no less) to an internal system. Even doing so for authentication is questionable. Full stop. To generalize what you should be requesting is that someone port fail2ban-server or its ilk to run on FreeBSD/pfSense and accept rule changes from a trusted host. At a very minimum, a tool that will monitor logs and issue dynamic block requests to pfSense via either a screen scraper or the XML sync mechanism. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
