> sk@elegosoft.com wrote:
mornin'

> Rich Healey wrote:
> Recently I'm getting a lot of brute force attempts on my server, in
> the past I've used various tips and tricks with linux boxes but many of
> them were fairly linux specific.


> disable pasword authentication OR use very strong passwords (24 chars)
> OR use OTP
>> if it is applicable you could limit access by hosts (from=)
>> nothing of the above is linux or BSD specific


>> btw. Software to delay Login Attempts could be tricked.

> Which software? how?


I was talking fail2ban
http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-4321
http://cve.mitre.org/cgi-bin/cvekey....word=denyhosts


regards
Stefan

_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/lis...reebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"