From owner-FreeBSD-users-jp@jp.FreeBSD.org Wed May 17 18:37:16 2006
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id k4H9bGs09710;
	Wed, 17 May 2006 18:37:16 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from www.mitz.jp (www.mitz.jp [218.219.148.189])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id k4H9bFQ09705
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Wed, 17 May 2006 18:37:15 +0900 (JST)
	(envelope-from mitz@www.mitz.jp)
Received: from www.mitz.jp (localhost [127.0.0.1])
	by www.mitz.jp (8.12.11/8.11.3) with ESMTP id k4H9bAPu009235
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Wed, 17 May 2006 18:37:10 +0900 (JST)
	(envelope-from mitz@www.mitz.jp)
Received: (from mitz@localhost)
	by www.mitz.jp (8.12.11/8.12.6/Submit) id k4H9bAwH009234;
	Wed, 17 May 2006 18:37:10 +0900 (JST)
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: Your message of "Wed, 17 May 2006 18:19:34 +0900".
	<20060517181934.863143a0.yanagisawa@csg.is.titech.ac.jp>
From: Mitzyuki IMAIZUMI <mitz@mitz.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
X-Mailer: mnews [version 1.22PL6] 2002-07/03(Wed)
Message-ID: <060517183710.M0109171@www.mitz.jp>
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Wed, 17 May 2006 18:37:10 +0900
X-Sequence: FreeBSD-users-jp 89583
Subject: [FreeBSD-users-jp 89583] Re: ssh connection on 6.1
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: mitz@mitz.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

This is Imaizumi.

 From: Yoshisato YANAGISAWA <yanagisawa@csg.is.titech.ac.jp>
 Date: Wed, 17 May 2006 18:19:34 JST

> There is a port called security/bruteforceblocker that bans hosts that
> behave like this, probing login names and passwords by brute force.
> Once it is installed, when logins fail more than a specified number of
> times, it can automatically configure the firewall to forbid connections
> from that IP address to the ssh port. This port downloads from the Web
> the results of attacks on other hosts and uses

$B$3$NMM$J(B port $B$,$"$C$?$s$G$9$M!#(B
$B;C$/A0$+$i(B ssh $B$KBP$9$kIT@5%m%0%$%s$,L\N)$C$FMh$?$N$G!"(B
$B0J2<$NMM$J%9%/%j%W%H$r:n$C$F(B Charlie $B$5$s$+$i$N%a!<%k$r?)$o$7$F!"(B
ipfw $B$N@_Dj$rF0E*$KDI2C$9$kMM$K$7$FBP1~$7$?$j$7$F$$$^$7$?!#(B
#$B$"$^$j$KA}$($9$.$?$N$G:G6a$O(B hosts.allow $B%Y!<%9$G%"%/%;%95v2D(BIP$B$r9J$C$F$^$9(B

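#!/bin/sh
# Reads the mail text on stdin, collects the last field of every line that
# matches /ssh.*refused/, and adds one ipfw deny rule per distinct address.
# New rules are numbered upward from the last existing rule; the rule=
# operand after the awk program supplies that number (655xx rules skipped).
ipfw="sudo /sbin/ipfw -q"
awk '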
	/ssh.*refused/{
		gsub(/[()]/, "", $NF);				# get IP addr
		addrs[$NF] = $NF;
	}
	END{
		for(ip in addrs)
			printf("add %d deny ip from %s to any\n", ++rule, ip);
	}
' rule=`$ipfw list | egrep -v '^655..' | tail -1 | sed 's/[ 	].*$//g'` |
xargs -L 1 $ipfw

> The only problem is that it supports only pf (packet filter), the packet
> filter that originated in OpenBSD, but it seems someone has hacked it
> to support ipf.

ipfw $BBP1~$N(B HACK $B$O$I$3$+$i$+<hF@$G$-$k$N$G$7$g$&$+(B?
$B$H$$$&$+!"$=$m$=$m(B pf $B$K0\9T$9$Y$-$J$s$G$7$g$&$+$M!D$`!<(B

-- 
 Mitzyuki IMAIZUMI <mitz@mitz.jp>
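
The log-to-ipfw approach in the message above, as an added example that is not part of the original post: it validates each extracted field as an IPv4 address, skips allowlisted addresses, and only prints the rules instead of passing them to ipfw. The function names gen_rules and sample_log, the allowlist arguments, the "refused connect from host (addr)" line layout and the documentation-range addresses are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original post): dry-run rule generator.
# gen_rules START [ALLOWED_IP ...] reads log text on stdin and prints
# "add N deny ip from A to any" lines; nothing is handed to ipfw here.
gen_rules() {
	start=$1; shift
	awk -v rule="$start" -v allow="$*" '
	function valid_ipv4(s,    o, n, i) {
		if (s !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return 0
		n = split(s, o, /\./)
		for (i = 1; i <= n; i++)
			if (length(o[i]) > 3 || o[i] + 0 > 255) return 0
		return 1
	}
	BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
	/ssh.*refused/ {
		ip = $NF
		gsub(/[()]/, "", ip)            # last field is "(addr)" in the assumed layout
		# drop non-addresses, allowlisted hosts and repeats before emitting a rule
		if (!valid_ipv4(ip) || (ip in skip) || (ip in seen)) next
		seen[ip] = 1
		order[++cnt] = ip               # keep first-seen order for stable numbering
	}
	END {
		for (i = 1; i <= cnt; i++)
			printf("add %d deny ip from %s to any\n", ++rule, order[i])
	}'
}

# Constructed sample input (hypothetical log lines, documentation addresses).
sample_log() {
	cat <<'EOF'
May 17 03:01:10 host sshd[411]: refused connect from 192.0.2.10 (192.0.2.10)
May 17 03:01:12 host sshd[412]: refused connect from 192.0.2.10 (192.0.2.10)
May 17 03:02:40 host sshd[420]: refused connect from name.example (203.0.113.7)
May 17 03:03:05 host sshd[431]: refused connect from unknown (unknown)
May 17 03:04:00 host sshd[440]: refused connect from 198.51.100.5 (198.51.100.5)
May 17 03:05:00 host sshd[450]: refused connect from a (999.1.1.1)
EOF
}

sample_log | gen_rules 200 198.51.100.5
```

The validation matters because a last field such as "any" would otherwise become a rule that denies all traffic, and the allowlist keeps an administrator's own address from being blocked after a few mistyped logins.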
