This morning I noticed that an attacker spent over a full hour trying to brute-force accounts and passwords via ssh on one of our machines. These kinds of attacks are becoming more frequent.
I was wondering: does anyone know of a way to blacklist a certain IP (ideally, just for a certain time period) after a certain number of failed login attempts via ssh? I could change the port that sshd listens on, but I'd rather find a better solution, one that isn't just another layer of obscurity. Thanks! -- Charles Ulrich Ideal Solution, LLC - http://www.idealso.com _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
