[ previous ] [ next ] [ threads ]
 From:  YvesDM <ydmlog at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Block 300 IP's
 Date:  Thu, 18 Dec 2008 11:55:06 +0100
On Thu, Dec 18, 2008 at 9:22 AM, Frank Richter <richter at mpia dash hd dot mpg dot de>wrote:

> Hi,
> is it possible to block 300 IP's easily with Mono?
> Background:
> I want to block the ongoing ssh-brute-force-attempts (300 IP's) to me
> network. But in Mono
> it's only possible to block networks or single hosts (I will not add 300
> rules).
> Is there a way may be hidden to add something like:
> ipfw add deny from x.x.x.x, y.y.y.y, w.w.w.w, v.v.v.v to destination port
> 22
> Or set an alias and this alias points to 300 IP's
> Best regards
>   Frank Richter

<m0n0wall dash help at lists dot m0n0 dot ch>
I think it's a better idea to simply not allow password based logins to your
ssh server and only use certificates for ssh logins.
Or you can limit ssh logins from a single ip which will also solve your
The way you want to do it keeps you going all the time, coz next week the
attacks come from somewhere else.

kind regards