[nycbug-talk] Adaptive firewalling in FreeBSD -- how can?

G. Rosamond george
Mon Oct 25 11:55:27 EDT 2004

On Oct 25, 2004, at 11:21 AM, csnyder wrote:

> I'm seeing a lot of failed logins for random users in the auth.log
> lately -- something trying out a list of 10-20 username/password
> combinations over ssh.
> Is there a simple way to dynamically block hosts with too many (more
> than six) failed ssh logins in a row?

Either you can play with MaxStartups or maybe script it . . .into a 
firewall ruleset like with pf.

Have you thought of just using key-based authentication?  It would make 
attempts useless.


More information about the talk mailing list