Just issue "make config && make install clean" to install sshguard into system, and then make some modification to /etc /syslog.conf and /etc /pf.conf
/etc /syslog.conf:
auth.info;authpriv.info |exec /usr/local/sbin/sshguard
/etc /pf.conf
table <sshguard> persist
block in quick on $ext_if from <sshguard> to any label "sshguard"
Then, reload pf and syslogd by using,
/etc/rc.d/pf reload
/etc/rc.d/syslogd reload
1 comment:
SSHGUARD是最近才進去port tree的?剛剛更新完port tree才看到。
很不錯的方法,我的機器正好為了天天都有人來暴力試密碼而頭痛,感謝XD
Post a Comment