Re: SSH scans vs connection ratelimiting

看板FB_security作者時間19年前 (2006/08/22 10:36), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串9/16 (看更多)
Lyndon Nerenberg wrote: > Take a look at /usr/ports/security/bruteforceblocker. It monitors the > system log for failed ssh logins, and blocks the sites via pf. It's > reasonably configurable, and works very well. I've been running it for > months without trouble. I've written a similar script which worked okay for the most part. Probably not as fancy, but a la. Point is, I'd prefer to: 1) Know why the attack still works although I'm ratelimiting to 3 connections per minute and MaxAuthTries is set to 3 (but if it was still the default value 6, it should've triggered, too) 2) Fix it at the root cause, probably OpenSSH? -- Pieter _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 pieter. 的文章
文章代碼(AID): #14wcsb00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 9 之 16 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共16篇)
更多 pieter. 的文章
文章代碼(AID): #14wcsb00 (FB_security)