Quote:
Originally Posted by Mantazz
I've seen some suggestions before that a TarPit http://labrea.sourceforge.net/labrea-info.html might be a solution worth looking into. The basic idea behind it, as explained to me, is to take the attempted connection and hold it open as long as possible, to slow down the hack attempt.
|
I am trying to do this with pf and altq at the moment, pf basically provides some ways to detect a brute force attempt while altq provides a way to limit the outgoing bandwidth. Not sure how well this works yet as I am not sure how to test it, but if anyone is interested I can post my pf.conf here.