Port-macppc archive


Re: [OT] SSH throttle - security



Hi,

pf, the packet filter from OpenBSD, can easily do this.
I believe the NetBSD one is new enough to have these options.

An example is at http://my.opera.com/TMS/blog/show.dml/194002

There is another article at http://www.bgnett.no/~peter/pf/en/bruteforce.html
that might help.

cheers

bruce

On Mon, Jan 26, 2009 at 03:41:08PM -0600, Donald Lee wrote:
> [sorry for the OT]
> 
> I have an ssh annoyance - my logs are FULL of cracking attempts.  This is
> an externally visible server, so I can't simply shut off access.  They are
> trying lots of random accounts, and I'm not worried that they'll get in,
> but it's a pain, both because it generates huge logfiles, and also
> because it burns non-trivial CPU.
> 
> Does anyone know of an option/method to "throttle" incoming SSH requests?
> I would be more than happy to limit said requests to one every N seconds,
> where N is in the range of 5-10 (or more?)
> 
> I don't see anything in the docs or on the web that will allow me to
> do this.  I'm not anxious to write proxy software to do this. :-<
> 
> I figure this might be of general interest to anyone with an exposed
> server.
> 
> Thanks,
> 
> -dgl-
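
One way to express the throttle asked about above with pf's per-source state tracking, as an added example that is not part of the original messages. The interface name `ex0`, the table name `ssh_abusers` and the thresholds are assumptions to adjust for the host.

```conf
# /etc/pf.conf fragment (added example; names and limits are assumptions)

# Assumption: external interface of the server.
ext_if = "ex0"

# Sources that exceeded the limits below are collected here.
# "persist" keeps the table even when no rule currently references it.
table <ssh_abusers> persist

# Drop everything from a listed source. "quick" stops rule evaluation,
# so the pass rule further down is never reached for these addresses.
block in quick on $ext_if from <ssh_abusers>

# Allow SSH, but track connections per source address:
#   max-src-conn 10        at most 10 simultaneous connections per source
#   max-src-conn-rate 3/30 at most 3 new connections per 30 seconds
#   overload <table>       a source that exceeds either limit is added
#                          to the table
#   flush global           and all of its existing states are killed
# The limits count TCP connections, not password guesses; sshd may allow
# several guesses per connection (see MaxAuthTries in sshd_config).
pass in on $ext_if inet proto tcp from any to ($ext_if) port ssh \
    flags S/SA keep state \
    (max-src-conn 10, max-src-conn-rate 3/30, \
     overload <ssh_abusers> flush global)
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -t ssh_abusers -T show` lists the addresses currently blocked.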

