2009/7/21 Michael Schuh <michael.sc...@gmail.com>: > 2009/7/21 Nathan Eisenberg <nat...@atlasnetworks.us>: >> Some of my pfsense boxes get a lot of SSH bruteforces; is there a package >> like fail2ban out there which could automatically blacklist IPs after x bad >> logins? >> >> >> >> Best Regards >> >> Nathan Eisenberg >> >> Sr. Systems Administrator >> >> Atlas Networks, LLC >> >> supp...@atlasnetworks.us >> >> http://support.atlasnetworks.us/portal >> >> > Hello Nathan, > > a simple solution w/o an extra pakage is > a) change the ssh-port to something other like 666 > b) limit the connection-rate to a preferred useful value in the filter-rules > c) both a) and b) forgotten, sorry d) the pf-filter supports your wished blacklist-feature, but i'm not shure if pfsense also supports this functionality?
> > regards > > michael > -- > = = = m i c h a e l - s c h u h . n e t = = = > Projektmanagement - IT-Consulting - Professional Services IT > Michael Schuh > Postfach 10 21 52 > 66021 Saarbrücken > phone: 0681/8319664 > mobil: 0175/5616453 > @: m i c h a e l . s c h u h @ g m a i l . c o m > > = = = Ust-ID: DE251072318 = = = > -- = = = m i c h a e l - s c h u h . n e t = = = Projektmanagement - IT-Consulting - Professional Services IT Michael Schuh Postfach 10 21 52 66021 Saarbrücken phone: 0681/8319664 mobil: 0175/5616453 @: m i c h a e l . s c h u h @ g m a i l . c o m = = = Ust-ID: DE251072318 = = = --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
