head	1.1;
access;
symbols
	RELEASE_8_3_0:1.1
	RELEASE_9_0_0:1.1
	RELEASE_7_4_0:1.1
	RELEASE_8_2_0:1.1
	RELEASE_6_EOL:1.1
	RELEASE_8_1_0:1.1
	RELEASE_7_3_0:1.1
	RELEASE_8_0_0:1.1
	RELEASE_7_2_0:1.1
	RELEASE_7_1_0:1.1
	RELEASE_6_4_0:1.1
	RELEASE_5_EOL:1.1
	RELEASE_7_0_0:1.1
	RELEASE_6_3_0:1.1
	PRE_XORG_7:1.1
	RELEASE_4_EOL:1.1
	RELEASE_6_2_0:1.1
	RELEASE_6_1_0:1.1
	RELEASE_5_5_0:1.1;
locks; strict;
comment	@# @;


1.1
date	2005.12.18.16.03.27;	author vanilla;	state Exp;
branches;
next	;


desc
@@


1.1
log
@Add sshit 0.5, checks for SSH/FTP bruteforce and blocks given IPs.

PR:		ports/90603
Submitted by:	Jui-Nan Lin <jnlin@@csie.nctu.edu.tw>
@
text
@sshit is a perl script, which works along with ipfw, ipfw2, and pf.
It parses the output of syslogd, find out SSH/FTP bruteforce attacks.
If the number of failed login is more than a threshold that administarator
set, sshit will block the source IP via firewall for a while 
(administrators can set the period of blocking). 

WWW: http://anp.ath.cx/sshit/
@
