Secure your SSH server with blacklistd and PacketFilter under FreeBSD
Many of us know and use Fail2ban, a very powerfull log parser able to block everything you want if you create the good rules for your services.
But, when it comes to just secure our SSHd, it can be a little… overkill !
So, a daemon named blacklistd(8) showed up few months ago on the FreeBSD 11 release and is dedicated to blocking specific ports (ssh, smtp, ftp, etc.) on demand to avoid DoS or bruteforce abuse.
In this paper, we’ll see :
- How we can configure blacklistd(8) with PacketFilter to block SSHd attackers.
- How we can whitelist specific hosts on specific ports.
- How we can check and delete the blocked hosts list.
- Need help ?
Time to log in and start working !