On 5/24/11 10:53 PM, Alejandro Imass wrote: > On Tue, May 24, 2011 at 4:29 PM, Andy Wodfer <wod...@gmail.com> wrote: >> Hi, >> One of my FreeBSD servers is currently being attacked (DDOS) and I'm >> blocking IP addresses in my firewall. However, there are a large number of >> hung tcp connections and I want them gone. >> > > I know it's not what you're asking but for the future try fail2ban. I > can gladly post a simple how to here for FreeBSD. > > It's a very simple solution but I have been keeping off pests quite > well with fail2ban. I think it's an awesome and simple framework to > automatically ban IPs and they just move on to the th next server. In > fact you can see the bannings diminish in time as they are the one > that get tired ;-) > > Good luck, > > -- > Alejandro Imass > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
There is no need for fail2ban on freebsd, one may install sshguard from the ports, which interacts with the firewalls (IPFW, PF...) or the allow/deny files. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"