Re: Brute Force Detection + Advanced Firewall Policy
Hi there,
Hadi Maleki wrote:
> Any BFD/AFP softwares available for FreeBSD 4.10?
>
If you would update to a recent FreeBSD Release, you could probably use
some nice pf(4) things...
> Im getting flooded with ssh and ftp attempts.
>
I recently stumbled over quite a nice pf.conf (see man pfctl for
details), which blacklists for instance ssh connections if the occur to
often in a certain amount of time.
For Example:
# sshspammer table
table <sshspammer> persist
block log quick from <sshspammer>
# sshspammer
# more than 6 ssh attempts in 15 seconds will be blocked ;)
pass in quick on $ext_if proto tcp to ($ext_if) port ssh $tcp_flags
(max-src-conn 10, max-src-conn-rate 6/15, overload <sshspammer> flush
global)
HTH,
Marian
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 5 之 8 篇):