View Single Post
Old 31st August 2008
harisman's Avatar
harisman harisman is offline
Fdisk Soldier
Join Date: May 2008
Location: Hellas (Greece)
Posts: 66

Additionally to the anomie post it is *invaluable* to install denyhosts scripts, especial if it necessary for you to open the ssh service to the public internet.

It is available from the ports: /usr/ports/security/denyhosts

It blocks ssh user dictionary probes or other evil actions using tcpwrappers

I personally have configured the denyhosts to use my pf firewall as well ,that populates a related table with the attacker's IPs.

I am very satisfied with denyhosts, it blocks daily dozen of attackers.
Reply With Quote