View Single Post
Old 3rd October 2008
mdh's Avatar
mdh mdh is offline
Real Name: Matt D. Harris
FreeBSD 2.2.6 User
 
Join Date: Oct 2008
Location: West Virginia
Posts: 139
Default

A couple of other things I'd suggest looking into are BruteBlock (/usr/ports/security/bruteblock) and/or Snort (/usr/ports/security/snort and/or /usr/ports/security/snort_inline) to automagically update your kernel's packet filtering when the attacks start coming in. Snort and Snort-inline are very powerful and can help to identify and block much more than just SSH brute-force attacks, too.
Reply With Quote