BFD

**trout21** · 08-26-2004 03:28 AM

I installed bfd lately as I am having more than my fair share of hacker attempts -

Aug 25 10:42:18 ***** sshd[23203]: Illegal user test from ::ffff:209.235.23.215
Aug 25 10:42:21 ***** sshd[23203]: Failed password for illegal user test from
::ffff:209.235.23.215 port 4815 ssh2

etc, etc.

However, when bfd is to put the ip into the apf deny_hosts it enters ffff - ? Should this not be the IP?

Also is there a way to lower the attempts to say 3 wrong attempts and then it puts the IP in ? as I notice several times that the same IP can hack away for 10-12 attempts and still not get entered.

Thanks for any advice.

trout

**picoyak** · 08-26-2004 05:00 AM

Take a look at this thread at rfxnetworks forums.

seems like a similar issue.

**trout21** · 08-26-2004 05:30 AM

thanx.... giving that a whirl...

**SarcNBit** · 08-27-2004 09:46 AM

Make sure you are using the latest version of APF and BFD (v0.9.4r5 and v0.4r2 respectively as of this writing)

LinkBack

Thread Tools

BFD - some advice please

Not Getting Messages From BFD

How often do you get BFD attacks?

bfd-0.6

BFD without APF?