I managed to find my old powerbook yesterday and copied the sources on a pen drive.
Kinda looks like a time capsule for me. OpenBSD complained about being initialized
after 600+ days...

As I said before, this program has worked for me. It was a single installation
and only two admins...

A single connection to a specific port enables ssh by adding the source IP
to a white list. Another connection to another port removes the access.

It could be written in a smarter way and also could have lots of features
(like timing expiration) but it would be overkill for our need.

enjoy!

On Thu, Nov 6, 2008 at 3:49 PM, Marcus Andree <[EMAIL PROTECTED]> wrote:
> I've written a small program about 5 years ago. It was a daemon that
> implemented a service similar to "port knocking" but entirely in user level,
> calling pfctl by exec() system calls to insert/remove remote IP addresses
> in a pf table holding machines able to connect to the ssh daemon via port 22.
>
> It was an ugly hack but it worked for us. I shall have a backup copy somewhere
> on my powerbook at home...
>
> On Thu, Nov 6, 2008 at 3:33 PM, Charlie Clark <[EMAIL PROTECTED]> wrote:
>> Hi,
>>
>> I have noticed that people constantly try to brute force sshd on my OpenBSD
>> box, on my server I use fail2ban to prevent this and wondered if there is a
>> similar solution for OpenBSD.
>>
>> Regards,
>>
>> --
>>
>> Charlie Clark
>> Network Engineer
>>
>> Lemon Computing Ltd
>> Unit 9
>> 26-28 Priests Bridge
>> London
>> SW14 8TA
>> UK
>>
>> Tel: +44 208 878 2138
>> Fax: +44 208 878 2163
>> Email: [EMAIL PROTECTED]
>> Site: http://www.lemon-computing.com/
>>
>> Lemon Computing is a limited company registered in England & Wales under
>> Company No. 03697052

[demime 1.01d removed an attachment of type application/x-gzip which had a name of portctrl.tar.gz]
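The mechanism described in this thread, as an added sketch that is not part of the original messages and is not the contents of the removed portctrl.tar.gz: a user-level daemon that adds the connecting address to a pf table on one port and removes it on another by running pfctl. The table name, both port numbers and the pf.conf lines shown in the comment are assumptions.

```python
import ipaddress
import selectors
import socket
import subprocess

TABLE = "ssh_allowed"   # assumed table name; assumed pf.conf lines that use it:
                        #   table <ssh_allowed> persist
                        #   pass in proto tcp from <ssh_allowed> to port 22
OPEN_PORT = 40022       # assumed port: a connection here adds the peer
CLOSE_PORT = 40023      # assumed port: a connection here removes the peer
ACTIONS = {OPEN_PORT: "add", CLOSE_PORT: "delete"}


def pfctl_argv(action, peer_ip, table=TABLE):
    """Return the pfctl argument vector for one table update."""
    if action not in ("add", "delete"):
        raise ValueError(f"unsupported action: {action!r}")
    # Parse the address so only an IP literal can reach pfctl.
    addr = ipaddress.ip_address(peer_ip)
    return ["pfctl", "-q", "-t", table, "-T", action, str(addr)]


def handle_knock(local_port, peer_ip, run=subprocess.run):
    """Apply the table change for a connection that arrived on local_port."""
    argv = pfctl_argv(ACTIONS[local_port], peer_ip)
    run(argv, check=True)   # argv list, no shell: nothing in it is interpreted
    return argv


def serve(bind_addr="0.0.0.0"):
    """Accept on both ports; the connection itself is the whole request."""
    sel = selectors.DefaultSelector()
    for port in ACTIONS:
        lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        lsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        lsock.bind((bind_addr, port))
        lsock.listen(16)
        sel.register(lsock, selectors.EVENT_READ, data=port)
    while True:
        for key, _ in sel.select():
            conn, (peer_ip, _peer_port) = key.fileobj.accept()
            conn.close()    # no payload is read; only the source address is used
            try:
                print("pf:", " ".join(handle_knock(key.data, peer_ip)))
            except (ValueError, OSError, subprocess.SubprocessError) as exc:
                print("update failed:", exc)


if __name__ == "__main__":
    serve()   # must run as root on the pf host so pfctl can edit the table
```

As in the message, entries stay in the table until a connection to the second port removes them; there is no expiry.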

